During my C|EH class a few months back my instructor was distributing various class materials through Dropbox. Now I had heard of Dropbox at that point but didn’t believe I had a use for it. After watching how simple it was for him to transfer files from his local computer to Dropbox, I was hooked.

Dropbox comes with 2GB of free space while offering more space for a monthly fee. Your Dropbox files can be accessed in two ways, through software or using a browser. The software is a tiny application that runs in the background. The Windows’ client adds a Dropbox folder to Windows Explorer making it very easy to save files directly to Dropbox. Files are synced almost instantly as long as there is an active internet connection.

I can envision a number of uses for software such as this. Many of which I know are all ready in use in a number of organizations. Need a cheap offsite backup? Want to share files between your PC and iPhone? Need to quickly make some files available to a group of friends using a variety of internet capable devices? Dropbox is the answer.

Dropbox isn’t perfect and recently had a very serious security breach. A breach like that could be a huge deal if a company was storing non-encrypted data containing personally identifiable information with the service. Good luck reporting that to relevant authorities.

The simplicity of the Dropbox’s service makes it something even computer novices can make use of. The security risks are there, but really are not much different from any other cloud storage service. With the ever increasing number of operating systems and internet connected devices we use, utilizing a service such as Dropbox can make our lives easier. Just make sure to encrypt those precious Justin Bieber songs to save everyone the horror of having to listen to them when they end up on the torrents.

Three new cases were dropped on my desk this morning, and the cases range from two to six servers. Each case will require the relevant network to be hosted for six or more months. It looks like we’re going to be putting the new server room to use sooner than we thought.

We’re going to have a nice mixture of operating systems and hardware. It’s going to range from decade old HPs to brand new Dells. I’m going to take a wild guess and say that we’re going to be getting some use out of the old hardware we have hanging around in the form of replacements.

One of the networks is currently being hosted over at a hosting company in Boston. They are providing cooling and electricity only, no administration whatsoever. As you can imagine the network is slowly falling apart as disks become full of logs and the operating systems fall further and further behind in security updates. One server in particular is in quite poor condition. For some reason or another, the administrator gave a Server 2003 a 8GB operating system partition (really?). If that wasn’t bad enough, the server is also the terminal server which means it has a fair amount of user profiles flooding the operating system partition.

I believe a number of the servers need to have their computer accounts reset due to a lost trust relationship with the domain controller. Either that, or the former admin is having some fun messing with the firewalls. Either is possible considering I have very little to no information about the network configuration.

It shaping up to be an interesting next few months!

Well it has been a long time coming, but I’ve finally decided to get to work on my CCNA. For the past seven years I’ve concentrated primarily on systems administration and computer forensics while only dabbling in networking. The C|EH class piqued my interest in how those packets are getting from point A to point B.

I began purchasing my lab equipment a few weeks ago with advice from my friends at TechExams. I grabbed a Cisco 2611XM router off Ebay for $140.00 and found a 2611, 2610, and two 3650s sitting unused in our server room. Additionally I grabbed two WIC-2T’s and some smart serial cables to link the 2611XM with the 2610 since the 2610 only has a single fast Ethernet port.

My friends over at TechExams also recommended picking up the Sybex CCNA book by Todd Lammie. I’m about halfway through it, and exempting the multiple typos, the book is very solid. He does a great job of explaining fairly difficult concepts.

I have to admit, I haven’t been this excited about learning for a while now. The fact that there are about 36 steps that take place between a successful ping is crazy. Technology truly is fascinating. I’ll be updating the blog with my progress as I work to understand networking the Cisco way.

I promised a review of the EC-Council Ethical Hacking and Countermeasures iClass two weeks ago, so here it is folks!

Let me start with how the class is structured. The iClass is an online class that uses the Elluminate eLearning platform. The class runs from 8AM MST (10AM EST) – 4PM MST (6PM EST). From 8AM – 2PM is lecture and from 2PM-4PM is hands on labs using two virtual machines hosted by EC-Council.

My instructor for the class was a security professional with over a decade of industry experience. To put it simply, he knew his stuff and he did a wonderful job of communicating the concepts to the students. I really liked how he made the concepts more understandable by linking them to real life scenarios he has encountered during his career. Surprisingly he was able to keep the five hours of lecture interesting and made sure he was available to answer questions on the lab even after hours. There is nothing negative to say about him, he was stupendous.

The class comes with five books. Four books are used to accompany the lectures and the fifth book consists of labs. There were a number of mistakes in the books had been there for many editions according to the structure. The lab book was especially bad, it was almost like the printing company did not have the capability of printing the number of seven, because close to every module had two lab eights an no lab sevens. The content of the books really has no use outside of the class due to how much it relies on the slides that the instructor explained during the lectures.

I found some of the labs useful, but there were a number of labs where you were required to use five or six tools that did the same exact thing. Many of the tools were dated and would not run on my personal Windows 7 VM. EC-Council needs to cut out about half the labs and put more focus on nmap and Wireshark. Demonstrating some of the Linux tools would have been nice as well to help reinforce the concepts.

I did not care for the Elluminate eLearning platform. The instructor’s screen locked up at least four or five times a class forcing him to log out and log back into the software. This resulted in wasted class time. Hopefully EC-Council will see the light and switch to a more stable eLearning platform.

Prior to the class I was reading CEH Certified Ethical Hacker Study Guide by Kimberly Graves. I would recommend you do the same if you plan on taking the class. Having a basic understanding of the concepts is key to dealing with the speedy pace of the course.

To sum it up, the course is worth the time if you have the $2,700 to spend. However, I don’t believe the course is necessary to pass the exam. The Sybex book and some hands-on self-study would be sufficient. I took the course primarily to meet my CPE requirements for the CCE and EnCE. I’m still unsure as to whether I’ll take the exam, I’m simply not sold on the usefulness of the C|EH.