I've been playing around with the WHoppix live CD and I really like it. I especially like the hydra tool. Also, I have been experimenting with the Metasploit Framework a little. I would eventually like to be able to take a vunerability and port it to the Metasploit Framework. I need more memory in my laptop because I am doing my experimentation by hacking from one VMware virtual machine into another and I only have 512MB of RAM.

I've also just starting experimenting with the auditor cd. One of the problems when trying to break WEP encryption is that you have to have enough traffic to get enough of the right kind of packets or whatever for the algortihms to do their magic. Anyway, the auditor cd has some stuff on their that can help out with that. Like, void11, for example, has a deauth feature, that I believe can flood the access point with deauth packets that will generate a bunch of traffic. Also there is a way to capture and replay ARP packets. But I haven't looked into it yet.

I passed the CISSP exam. I took it in FT Lauderdale, Florida on July 31st after attending the Intense School CISSP Boot Camp. I thought that the Intense School did a good job of preparing me for the exam. I studied pretty hard outside of class for the week before the exam, and for about a week before the class started. I also had a pretty extensive background in computer security. But, the class combined with the reccomended practice questions that they give you to study during the night really prepared me for the test.

Randy