
A Review of Various IT Information Security Certifications

I recently completed a review of some available training certification paths for IT/IS. If you are interested in a career in Information Security, read on, because sooner or later you’ll need a few of these.

1) GISF (GIAC Information Security Fundamentals) is an entry-level examination; hands-on practical experience is recommended, although none is required. The target audience for this exam is:

“Professionals who need to hit the ground running and need an overview of information assurance. Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques. Anyone who writes, implements, or must adhere to policy, disaster recovery or business continuity.”–Link

  • Cost: SANS bootcamps are roughly $3500-$4000, plus an additional $499 for the proctored exams (through GIAC). If purchased without SANS training, the exams are $899 rather than $499.
  • Available Training: Training is available throughout the year at conferences (in six-day schedules), or online. Testing is proctored through GIAC, which offers a total of 21 certificate exams. GIAC also advises training through SANS for this exam by attending the Security 301 course; OnDemand and SelfStudy formats are also offered. (See fig 1A below)
  • Type of Exam: The GISF is a four-hour exam with 150 questions. The passing grade is 70%. This certificate must be renewed every four years.
  • Location: GIAC exams are given online through a standard web browser, 7-10 days after the end of a SANS conference* (if you purchased training through SANS), or 24 hours after payment is received without a bundled course. You must complete an exam within 120 days of receiving notice of its availability. (*The exception is the Expert Exam, which is given only once per year.)

2) GSEC (GIAC Security Essentials Certification) is an intermediate-level exam. The target audience for this exam comprises:

“Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.” –Link

  • Cost: SANS bootcamps are roughly $3500-$4000, plus an additional $499 for the proctored exams (through GIAC). If purchased without SANS training, the exams are $899 rather than $499.
  • Available Training: Training is available throughout the year at conferences (in six-day schedules), or online. Testing is proctored through GIAC, which offers a total of 21 certificate exams. GIAC also advises training through SANS for this exam by attending the Security 301 course; OnDemand and SelfStudy formats are also offered. (See fig 1A above)
  • Type of Exam: The GSEC is a five-hour exam with 180 questions. The passing grade is 70%. This certificate must be renewed every four years.
  • Location: GIAC exams are given online through a standard web browser, 7-10 days after the end of a SANS conference* (if you purchased training through SANS), or 24 hours after payment is received without a bundled course. You must complete an exam within 120 days of receiving notice of its availability. (*The exception is the Expert Exam, which is given only once per year.)

3) GISP (GIAC Information Security Professional) is an intermediate-level exam. The target audience for this certification is:
“Security Professionals that want to fill the gaps in their understanding of technical information security; System, Security, and Network Administrators that want to understand the pragmatic applications of the Common Body of Knowledge; managers that want to understand information security beyond simple terminology and concepts;  anyone new to information security with some background in information systems and networking. Candidates may also wish to use this certification as an independent assessment of your mastery of the (ISC)2 Common Body of Knowledge.”

  • Cost: SANS bootcamps are roughly $3500-$4000, plus an additional $499 for the proctored exams (through GIAC). If purchased without SANS training, the exams are $899 rather than $499.
  • Available Training: Training is available throughout the year at conferences (in six-day schedules), or online. Testing is proctored through GIAC, which offers a total of 21 certificate exams. GIAC also advises training through SANS for this exam by attending the Security 301 course; OnDemand and SelfStudy formats are also offered.
  • Type of Exam: The GSEC is a five-hour exam with 250 questions. The passing grade is 70%. This certificate must be renewed every four years.
  • Location: GIAC exams are given online through a standard web browser, 7-10 days after the end of a SANS conference* (if you purchased training through SANS), or 24 hours after payment is received without a bundled course. You must complete an exam within 120 days of receiving notice of its availability. (*The exception is the Expert Exam, which is given only once per year.)

4) CCSP (Cisco Certified Security Professional) is offered through Cisco's Networking Academy.

  • Cost: Costs vary widely, as you can schedule just the exam, or take the courses through the Academy in conjunction with another provider (such as a college). Prerequisites include the CCIE, or both the CCNA and CCNA Security coursework.
  • Available Training: Various exams and books are required for this certification. You can find information about all of the required exams here.
  • Type of Exam: Computer based. Cisco Professional-level certifications are valid for three years. You recertify by passing any 642 exam that is part of the professional-level curriculum, or the CCIE/CCDE written exam, before the certification expiration date.
  • Location: Tests are given through Pearson VUE; schedule online to find a center close to your location.

5)  Security+ (CompTIA) certification is aimed at IT professionals who have two years on-the-job networking experience, with an emphasis on security. It is an entry-level, vendor-neutral certification which makes a great stepping stone to more advanced certifications, such as the ISC2 SSCP and CISSP, and the SANS GIAC. It also may be used in some Microsoft certification tracks.

  • Cost: The cost of the exam without a discount voucher (generally available through books used to study for the exam) is $258 (Link). Cramsession.com lists the price as $175 for CompTIA members and $225 for non-members.
  • Available Training: Training for the exam can be done through many training locations, for which links are provided on the CompTIA website. You may also study for the exam on your own using the many test reference/study guides widely available.
  • Type of Exam: Multiple-choice, computer-based exam with 60-70 questions and a few simulations. You have 90 minutes to complete the test.
  • Location: Can be taken at various testing locations worldwide through Pearson VUE or Thomson Prometric.

6) The (ISC)2 SSCP Certification “is the ideal credential for those who are the hands-on practical technicians; the enforcers who everyone goes to for answers.  You would implement the plans and policies designed, planned and managed by the CISO or CSO who would typically hold the more advanced Certified Information Systems Security Professional (CISSP®) Gold Standard certification from (ISC)2 and operate in a managerial capacity as opposed to hands-on like you.”–Link

  • Cost: The exam costs $250 for early registration and $300 for standard registration.
  • Available Training: Training is available through bootcamps, online vendors, and self-study CBT.
  • Type of Exam: Multiple-choice, computer-based exam with 125 questions and 3 hours to complete. The passing score is 700.
  • Additional Information: Along with the exam, you must present a completed endorsement form (found here). (ISC)2 reviews resumés to verify your 1 year of required professional experience. They also randomly audit test takers post-examination, prior to awarding your certificate, to be sure you have the required credentials and are in good standing in the industry.
  • Location: In New York, there are exams in Buffalo, Albany and NY City.

Good luck completing your goals, and I hope this list helped you find the certifications you were looking for!

Separate Public and Private Wireless Network Using Two Routers

How to create a separate public and private wireless network using 2 routers

Setting up a separate public and private wireless network is not that complicated. It involves basic setup of a router and its wireless network. To create the two separate networks, you set up both routers (R1 and R2) and their wireless networks, then plug R2's WAN port into one of the LAN ports on the back of R1. The networks will essentially be separate, but use a single modem (the same ISP connection to the Internet). I created a separate public and private network using this method for a client's restaurant. The client did not want customers to have access to the private network, yet still wanted to provide a wireless hotspot for patrons.

As far as firmware goes, I recommend DD-WRT and a compatible router, a list of which you can find here: DD-WRT. This is not mandatory by any means, as you should be able to set up separate wireless networks with the stock firmware of just about any router on the market. By following my setup, you will completely separate the public and private networks, other than access to the private router's login page from the public network. Be sure to set a strong password for both routers' logins, which is mandatory no matter where you're setting up a network. If you have a couple of routers on hand and this isn't clear enough, feel free to shoot me an email describing your setup, and I'll do the best I can to walk you through that model's setup screens.

Step 1: First, set up the private router (R1). I usually do this disconnected from the Internet, by simply plugging an Ethernet cable into the switch on the back of the router. There is no need to connect the WAN port yet. Access your router's login screen. Log in and immediately change the password; make sure it is strong (upper- and lowercase letters, at least one number, and a special character or two).

Step 2: Apply your settings, and log in using the new password if necessary. Next, choose your router name and your IP range (I'm using 10.0.10.x for this setup), and turn on the DHCP server. You can also set the number of clients, etc. Set R1's address to the first addressable host (x.x.x.1) on your IP range, for ease of remembering where it is. I use 10.0.10.129 as the start of my DHCP range because I like to leave a lot open for static IPs; this allows plenty of room for printers, NAS storage, servers, etc.

Step 3: Next, set up the wireless portion of R1 (if you want wireless capability on the private network); this can also be set to “off” should you not require wireless. You absolutely want a very strong passphrase (something like n0W1rel3$$4U) on your private wireless network (use WPA, not WEP, if you can). There's no sense in going through the trouble of having a second, public router, only to leave your wireless access open. You can leave the SSID set to broadcast, but this allows people to see the wireless network and attempt to connect. This shouldn't be a problem so long as you have a strong password. Leaving broadcast “off” will not stop someone from finding it if they really want to, however, so the encryption still needs to be on.

Step 4: You can now plug in your WAN port from R1 to your modem, and verify you have access to the internet.  Check your wireless as well, to be sure everything is working as it should.

Step 5: Next, you want to set up your public network on your second router (R2). Again, leave the router disconnected from R1; simply plug your computer into a port on the back of R2 and navigate to its setup screen in your browser. If you also have a wireless connection (such as when setting this up from a laptop), be sure to turn it off for now, as you will not need it. This is especially true if you used wireless to set up the first router, as it might confuse the network connections and not allow you access to the setup screen on the second router.

Step 6: Set up a new username (if your router allows it) and password, and save your settings. Next, set up the network address. If you followed my first router setup and used 10.0.10.x for R1, use 192.0.10.x for R2. Again, set the router's address to the first addressable host (192.0.10.1). Turn DHCP on, and set up your maximum clients and your DHCP range. You could probably set the start of the range to 192.0.10.2 if you don't need static IPs on the public network. If you are going to have a publicly accessible printer, set the start to 192.0.10.10, so you have a few static IPs if you ever need them.

Step 7: Apply your settings, and log back into R2 by going to the router's new address in your browser. It is highly recommended to set R2's WAN PORT to STATIC IP and set the address to one on R1's network, outside of R1's DHCP range. See the screenshot below (click to enlarge). Basically, I set it up to be the second host on R1's network, 10.0.10.2. The gateway will be 10.0.10.1, with subnet mask 255.255.255.0.

WAN LAN Setup Screen Public Router

Step 8: Apply your settings, and you can now set up the SSID (be sure to pick a name different from the private router's) and client type for your public network. If you want people to be able to access it, leave the encryption off and broadcast the SSID. You may want to look into a hotspot server, such as a DD-WRT enabled router running Chillispot, but that is out of the scope of this post. To really make this work efficiently, you may want to set the channels of the two routers apart (i.e., one to channel 1 and one to channel 11), but you can also leave them on auto. Another idea might be to put the public network on the 5 GHz spectrum, as it would get less interference from surrounding networks and give your clients a better experience. An Airport Extreme or a TRENDnet TEW-672GR offers dual-band functionality, although you give up the ability to run the DD-WRT firmware with either of those.

Step 9: Finally, disconnect your computer from the R2.  Plug R2’s WAN port into one of the switch ports on R1.  You can now use a wireless connection to verify internet connectivity through the public router’s SSID.

Step 10: You should probably reboot everything at this point. Power down the modem and both routers. Leave everything off for 30 seconds, then plug the modem in again. Allow it to fully boot, then turn on the first router and allow it to fully boot. Turn on the second router, and you should be good to go.
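As an added example (not from the original post), a small Python check of the addressing plan the ten steps build: R1's 10.0.10.x range and 10.0.10.129 DHCP start come from the post, while the public side assumes an RFC 1918 range such as 192.168.10.0/24, because the post's 192.0.10.x is publicly routable address space and would fail the private-range check below.

```python
import ipaddress

# Addressing plan for the two-router layout built in Steps 1-10.
# R1 is the private router; R2's WAN port plugs into a LAN port on R1.
# Constructed values: 10.0.10.x and 10.0.10.129 come from the post;
# 192.168.10.0/24 for the public side is an assumption (RFC 1918 space).
PLAN = {
    "r1_lan": "10.0.10.0/24",
    "r1_addr": "10.0.10.1",          # first usable host (Step 2)
    "r1_dhcp_start": "10.0.10.129",  # leaves .2-.128 for static hosts
    "r1_dhcp_end": "10.0.10.254",
    "r2_wan_addr": "10.0.10.2",      # static, second host on R1's LAN (Step 7)
    "r2_wan_gateway": "10.0.10.1",
    "r2_lan": "192.168.10.0/24",
    "r2_addr": "192.168.10.1",       # first usable host (Step 6)
    "r2_dhcp_start": "192.168.10.10",
}

def check_plan(plan):
    """Return a list of problems; an empty list means the plan is sound."""
    problems = []
    r1_lan = ipaddress.ip_network(plan["r1_lan"])
    r2_lan = ipaddress.ip_network(plan["r2_lan"])
    r1_addr = ipaddress.ip_address(plan["r1_addr"])
    r2_addr = ipaddress.ip_address(plan["r2_addr"])
    wan = ipaddress.ip_address(plan["r2_wan_addr"])
    gw = ipaddress.ip_address(plan["r2_wan_gateway"])
    dhcp_lo = ipaddress.ip_address(plan["r1_dhcp_start"])
    dhcp_hi = ipaddress.ip_address(plan["r1_dhcp_end"])
    r2_dhcp_lo = ipaddress.ip_address(plan["r2_dhcp_start"])

    # Both LANs should be RFC 1918 space; a public range would shadow real hosts.
    for name, net in (("R1", r1_lan), ("R2", r2_lan)):
        if not net.is_private:
            problems.append(f"{name} LAN {net} is not RFC 1918 private space")
    # The two LANs must not overlap, or R2 cannot route between them.
    if r1_lan.overlaps(r2_lan):
        problems.append("R1 and R2 LANs overlap")
    # Each router sits at the first usable host of its own network.
    if r1_addr != r1_lan[1] or r2_addr != r2_lan[1]:
        problems.append("a router address is not the first host of its LAN")
    # R2's WAN side lives on R1's LAN, outside R1's DHCP pool, with R1 as gateway.
    if wan not in r1_lan or gw != r1_addr:
        problems.append("R2 WAN address/gateway is not on R1's LAN")
    if dhcp_lo <= wan <= dhcp_hi:
        problems.append("R2 WAN address falls inside R1's DHCP pool")
    # R2's own pool must start above R2's address so it never leases it.
    if r2_dhcp_lo <= r2_addr or r2_dhcp_lo not in r2_lan:
        problems.append("R2 DHCP start collides with R2's address")
    return problems
```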

Creating a Cat5/Cat6 cable for Ethernet

Here is a POV, snail's-paced video explaining the magic of wiring your own *straight-through* patch cables on the cheap, rather than paying someone to make one for not so cheap. Scroll down if you just want to see how I do it and don't care about an explanation.

I assembled the cable as T568B wiring:

  1. White/Orange
  2. Orange
  3. White/Green
  4. Blue
  5. White/Blue
  6. Green
  7. White/Brown
  8. Brown

The numbered lists above (and below, for T568A) are in pin order. You stick these colors into the connector with the tab of the connector closest to the floor and the open end of the connector toward your belly. Pin one is on the left as you stick the cable into the open end, holding the connector as described.

It really doesn't matter where the colors go as long as they are the same on both ends (straight through). You should conform to the standards set forth, but it isn't because the cable wouldn't work otherwise. There is also the T568A standard, which is:

  1. White/Green
  2. Green
  3. White/Orange
  4. Blue
  5. White/Blue
  6. Orange
  7. White/Brown
  8. Brown

So with that in mind, you could theoretically ignore all convention and just make sure that the color on one end matches the color in the same spot in the connector on the other end.  That’s ghetto but functional.

If you are reading this to learn it as a source of income, then you’d better learn it the proper way or you won’t be working for long.  Also, your butt might be sore for a while due to a client’s boot stuck in it.  Some companies out there doing video surveillance cameras in the Briarcliff area know what I’m talking about.  Making cables all willy-nilly, and no way to even test them! Plug one end into the router, the other end into the back of the PC, and pray?  Oh brother…get the F*$# out of my office!  This here video is for you guys, and keep the shoe.
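As an added example that is not part of the original post, a Python wiremap check built from the two pinouts above: given the colour order read off each connector (pin 1 first), it tells you whether you have a standard straight-through, a crossover, or a mismatch, and goes one step past the post by also checking that each twisted pair sits on the pin positions both standards share (1-2, 3-6, 4-5, 7-8), which the "any order as long as both ends match" approach can break.

```python
# Pin 1 through pin 8 for the two standards listed in the post.
T568A = ["White/Green", "Green", "White/Orange", "Blue",
         "White/Blue", "Orange", "White/Brown", "Brown"]
T568B = ["White/Orange", "Orange", "White/Green", "Blue",
         "White/Blue", "Green", "White/Brown", "Brown"]

# In both standards each twisted pair lands on the same pin positions.
PAIR_PINS = [(1, 2), (3, 6), (4, 5), (7, 8)]

def pair_name(color):
    """'White/Green' and 'Green' are the two wires of the 'Green' pair."""
    return color.split("/")[-1]

def pairs_intact(end):
    """True if every twisted pair occupies the pin positions the standards use."""
    return all(pair_name(end[a - 1]) == pair_name(end[b - 1]) for a, b in PAIR_PINS)

def classify_cable(end_a, end_b):
    """Wiremap a cable from the colour order read off each connector, pin 1 first."""
    if (len(end_a) != 8 or len(end_b) != 8
            or set(end_a) != set(T568A) or set(end_b) != set(T568A)):
        return "miswired: each end needs all eight colors exactly once"
    if end_a == end_b:
        if end_a == T568B:
            return "straight-through (T568B both ends)"
        if end_a == T568A:
            return "straight-through (T568A both ends)"
        if pairs_intact(end_a):
            return "straight-through (non-standard order, pairs intact)"
        return "straight-through (non-standard order, split pairs)"
    if (end_a, end_b) in ((T568A, T568B), (T568B, T568A)):
        return "crossover (T568A one end, T568B the other)"
    return "miswired: ends do not match"

# Constructed sample: the post's T568B order with pins 2 and 3 swapped,
# which keeps every colour but splits the Orange and Green pairs.
SPLIT = [T568B[0], T568B[2], T568B[1]] + T568B[3:]
```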

Anyway, on with the show, and good luck saving yourselves some cash!

Click To Open Movie