Get Your Training On With Hundreds of Free College Courses

Glenn Norman hacking

Our whole purpose is educating and training up-and-coming hackers and security people. That’s why I run my CompTIA and EC-Council courses through this site, and add new videos and lessons as I get the chance.

But we don’t try to be everything; instead, we USE everything that’s useful and high-quality in our trainings. I’m always on the lookout for good, fresh material. And here’s a trove of it, not all related to IT or security, but some real gems among them.

Check out Dhawal Shah’s article on Quartz:

If you haven’t heard, universities around the world are offering their courses online for free (or at least partially free). These courses are collectively called MOOCs or Massive Open Online Courses.
In the past six years or so, close to 800 universities have created more than 8,000 of these MOOCs. And I’ve been keeping track of these MOOCs the entire time over at Class Central, ever since they rose to prominence.
In the past three months alone, over 200 universities have announced 600 such free online courses. I’ve compiled a list of them and categorized them according to the following subjects: Computer Science, Mathematics, Programming, Data Science, Humanities, Social Sciences, Education & Teaching, Health & Medicine, Business, Personal Development, Engineering, Art & Design, and finally Science.
https://qz.com/1120344/200-universities-just-launched-600-free-online-courses-heres-the-full-list/

Right off the bat I note:

Introduction to TCP/IP from Yonsei University

Linux Server Management and Security from University of Colorado System

TCP/IP and Advanced Topics from University of Colorado System

and a ton more.

Go get it! Have fun. And if you’re registered with this site, let me know what training you find or use there in the Comments below.

 

Taking the beta CompTIA Pentester+ Test

Glenn Norman hacking

Okay: I’m a “trifecta instructor” of some 20 years, plus a stack of certs and degrees, including the CEH. I’m going in to test this morning after a quick review of scripting languages. Currently teaching Net+ and Sec+ so I’m pretty fresh, but have no real idea what to expect. Have you reviewed the Objectives? They’re huge and wildly all over the place … SOAP and REST? Really? I’ll post thoughts after taking the test this morning (3/10).

AFTERWARDS

Oh, am I ever glad I’ve done a lot of coding/scripting, and reviewed my PHP, Python and Ruby before the test. Right off the bat I got a long series of long, detailed scenario and “drag and drop” questions that I let suck up too much time. One involved dragging lines or blocks of code from a random assortment into working locations in a script. Recognizing the language was instantly critical. Another “interactive” section comprised ten questions where I needed to identify one-liner payloads and the right control to block them. Be sure you’re very clear on the different types of SQL injection and XSS. The multiple-choice questions were, for a relief, pretty normal. Some did make clear to me some of the things I’ve never done: creating a sandbox, and setting up persistence on a target once it’s been compromised. I know the CEH pretty well (I’m on the review board), and no it is not particularly similar to this test. The CEH concentrates on higher-level tools, like gui exploit tools and specific-function apps. The Pentest+ seems much more focused on knowing low-level tools like nc and nmap, sometimes deeply into the switches and syntax. Definitely spend time working/playing with these so the long, complex multiple choices don’t become a blur. I got 120 question for my 165 minutes, plus a lengthy pre-test agreement and a fairly quick post-test review, both off the clock. It was a race all the way, especially with the intricately detailed commands to pick in multiple-choice questions. I only finished 105, racing to the end, though since I got so many questions maybe I’ll get some slack for that. 😉 Notably, I did NOT see any policy, risk calculations, subnetting or crypto, and no SOAP or REST. Reading other people’s experiences, though, I’m betting there’s a huge question pool (that will hopefully get trimmed down) and your mileage will likely differ. Do I think I passed? I practically never think so walking out of a test, but I practically always do pass. Is it a good alternative to the CEH? I’d say it’s more similar than different. Both certs are really much more focused on defense than offense. It still looks like the OSCP is the big dog of real pen testing, and that’s okay. We all need ladders with more rungs above us.

[ How to Teach Hacker Highschool: Unit 3 ]

Hacker Girl
This entry is part 3 of 3 in the series How to Teach Hacker Highschool

This is the third unit of my course for teachers, which brings together a lot of material I generated while working as Project Manager for the Hacker Highschool v2 Rewrite Project, 2012-2016. This session offers some hints on conducting classes, and help for you to be a great teacher of hacking. Polish your Google Hacking skills, learn to search more safely, show your students easy ways to start coding and start getting familiar with your eyes and ears on the network: Nmap and Wireshark.

Here’s the video of Unit 3, with the links it mentions below. Tell me what you think in the Comments, and thanks for taking a look.

Powerpoint: http://gnorman.org/HHS/Teacher_Training_Unit_2_GN_017-11-20.pdf

Uncut Lessons: http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/

School for Hackers: https://schoolforhackers.com for Hacker Night School and Hacking 101

Hacker Highschool (http://www.hackerhighschool.org/) is a free, open curriculum from ISECOM (http://www.isecom.org/). Uncut lessons are available at http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/.

Google Advanced Search Operators: http://www.googleguide.com/advanced_operators_reference.html

DuckDuckGo Search Engine: http://DuckDuckGo.com

http://www.ikeahackers.net/

https://www.buzzfeed.com/readcommentbackwards/40-creative-food-hacks-that-will-change-the-way-yo-dmjk?utm_term=.ve0pYaR41#.oy7357LoM

https://www.wikihow.com/Hack-an-Xbox-Controller-Into-a-PC-Gamepad

https://www.wikihow.com/Create-a-Fake-and-Harmless-Virus

https://www.wikihow.com/Write-a-Batch-File

https://www.wireshark.org/

https://nmap.org/

–Musical Credits–
Opening and Closing: Loops by Mark D’Angelo, copyright 2017
Cold Funk – Funkorama by Kevin MacLeod is licensed under a Creative Commons Attribution license (https://creativecommons.org/licenses/…)
Source: http://incompetech.com/music/royalty-…
Artist: http://incompetech.com/
Music promoted by Audio Library https://youtu.be/Vhd6Kc4TZls

[ How to Teach Hacker Highschool: Unit 2 ]

Hacker Girl
This entry is part 2 of 3 in the series How to Teach Hacker Highschool

This is the second unit of my course for teachers, which brings together a lot of material I generated while working as Project Manager for the Hacker Highschool v2 Rewrite Project, 2012-2016. This session is about building a classroom laboratory for security training.

So here’s the video of Unit 2, with the links it mentions below. Tell me what you think in the Comments, and thanks for taking a look.

POWERPOINT: http://gnorman.org/HHS/Teacher_Training_Unit_3_GN_2017-12-12.pdf

Uncut Lessons: http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/

School for Hackers: https://schoolforhackers.com for Hacker Nightschool and Hacking 101

Hacker Highschool (http://www.hackerhighschool.org/) is a free, open curriculum from ISECOM (http://www.isecom.org/). Uncut lessons are available at http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/.

–Musical Credits–
Cold Funk – Funkorama by Kevin MacLeod is licensed under a Creative Commons Attribution license (https://creativecommons.org/licenses/…)
Source: http://incompetech.com/music/royalty-…
Artist: http://incompetech.com/
Music promoted by Audio Library https://youtu.be/Vhd6Kc4TZls

Online victim resources:
https://www.hackthissite.org

https://www.root-me.org/

http://scanme.nmap.org/

[ How to Teach Hacker Highschool: Section 1 ]

This entry is part 1 of 3 in the series How to Teach Hacker Highschool

We’re getting started with this course for teachers, which brings together a lot of material I generated while working as Project Manager for the Hacker Highschool v2 Rewrite Project, 2012-2016. This session discusses some of the issues you may deal with in proposing and setting up a Hacker Highschool class.

So here’s the video of Session 1, with the links it mentions below. Tell us what you think in the Comments, and thanks for taking a look.

POWERPOINT: http://gnorman.org/HHS/Teacher_Training_Unit_1_GN_2017-09-09.pdf

Uncut Lessons: http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/School for Hackers: https://schoolforhackers.com for Hacker Nightschool and Hacking 101

ISECOM: http://isecom.org

Hacker Highschool: http://hackerhighschool.org

Hacker Highschool (http://www.hackerhighschool.org/) is a free, open curriculum from ISECOM (http://www.isecom.org/). Uncut lessons are available at http://gnorman.org/2017/05/16/hacker-highschool-download-uncut-lessons/.

Equifax Did Three Simple Things Wrong and Hacked Us All

Glenn Norman hacking

So Equifax was hacked not once, but twice? No way. I don’t believe it. If you’ve been hacked twice, you’ve been hacked at least 3.6 million times (or pick any other really big number you like). And notification of this new hack, like the last one, came at a languid pace. I’ve gotta give it to Equifax: if I did something like this, anything like this in my own business, I’d quickly go to prison. Their people are just walking out the door.

What irritates the devil out of me is that Equifax took an equally languid attitude toward the security of my personal information by violating three simple tenets of security. I know it’s not easy to manage a corporate network; I’ve been there. But there are fundamental measures anyone with a brain or responsibility has to take in this field, and Equifax outright failed to do these obvious things.

Principle One: Isolation

Not every system needs to touch the internet. Of those that do, none of them should have access to anything but the absolute minimal resources (meaning other systems) they need to do their job. Production networks should always be totally isolated: human resources, accounts payable, management, customer service and every other production operation should be utterly isolated from each other. Even if systems within them are compromised via email or the internet, they should provide no ingress – absolutely none – across functions. Your deepest assets (consumer records would qualify) should be deeply isolated.

“But customer service needs access to records, and so do the customers!”

Yes, and that functionality is still available. You’ll do it via strongly encrypted, strongly authenticated, highly secured connections. In other words, the segregation cannot be simply VLANs on a switch or even casually configured internal routers. No. Every production network should be encapsulated, firewalled, filtered and logged as an independent unit, one that considers itself surrounded by hostile would-be intruders. If I can walk through your DMZ to your online-data network, that’s a problem. But if I can then pivot to other production networks, it’s time for a firing squad.

Principle Two: Patch Management

All the mainstream security firms will hound you about this: stay patched right up to the minute! There is a tiny minority who would dispute this, arguing that proper isolation makes urgent patch management a useless exercise in anxiety. For my money, I’m going to do both (and a lot more).

The likely culprit here was an unpatched Apache Struts installation. Frameworks like Struts are popular with developers but eventually have to be managed by sysadmins, who may not love or follow them as closely. This is where tight collaboration between these teams has to ensure things that need to be patched (which includes practically everything that’s installed) are included in patch management lists and applications. I shouldn’t have to say it but those lists and apps must be intensively managed. That’s a pain, but lawsuits are a bigger pain, and really big lawsuits can be fatally painful for organizations.

Principle Three: Competent Management

Repeat after me: a degree in music does not qualify you to be CSO. (A degree in music does not qualify ….) Experian did not get this memo, and hired as Chief Security Officer one Susan Mauldin, music major, whose LinkedIn profile was edited and made private shortly after the hack was revealed, likely because she listed no relevant qualifications whatsoever.

I have been working, studying and teaching in this field for some 20 years, and I consider myself hardly qualified for a job like CSO. You’re playing with blood and money in that job. Even if you’re a brilliant poker player, this is 3D chess played with lions. If you can only play Whack-a-Mole on the computer, you should not be managing computer security for a major corporation. You’ll need to be a fanatical, deeply involved security fiend to play cop or Batman for a company like Experian.

This whole question of qualifications goes far beyond this field. A Chief Scientist should, for instance, be a scientist. This quickly gets political (at least for me), so I’ll stop now. But what Experian has done is not political, and not forgivable. They’re doing something that affects far too many people to approach it lackadaisically.

Now, the kernel: if you’re a malicious hacker, you’re going to be looking for exactly these weaknesses. During the Reconnaissance stage, finding a weak CIO or CSO would be a whiff of blood in the water. If a simple scan reveals unpatched vulns, bingo. And if weak or nonexistent network segmentation lets me go bounding through the corporate cyberverse, oh joy, oh glad (assuming I’m that malicious hacker). If I’m NOT a cracker, I’d be testing exactly these same limits because I’d be a pen tester or researcher or bounty hunter or whatever. Right?