Didier Stevens needed to convince someone that patching Windows is necessary. That’s why he made him a short video clip where he uses Metasploit 2.6 to exploit vulnerability MS06-040 on a Windows 2000 SP4 server.

Didier creates a remote shell on the attacked server, connects to it and changes the administrators password to Hacked.

The Metasploit web interface is used to create a higher visual impact.

Installing VMware Server on Ubuntu is one of the most complicated and difficult tasks on the planet (well not really but it’s a pain in the ass). Here is a good article to bookmark to help you (and me) through the process.

Today I purchased the Hacker Techniques, Exploits & Incident Handling track from SANS so that I can obtain my GIAC Certified Incident Handler (GCIH) designation.

I’m very excited about this track as I get to:

1. Evaluate the SANS OnDemand method of instruction which I hope helps me manage my time better than the SelfStudy method.
2. Learn things I’ve always been curious about but have never had in-depth experience in.

I am hoping that this training will add to my Intrusion Detection In-Depth training and associated GIAC Certified Intrusion Analyst (GCIA) designation I achieved by using the SelfStudy method.