Sorry about the lack of updates, devoted followers.
I just finished my MTA Web Development Fundamentals certification, that was fantastic to get out of the way. Next up is CCENT, so that will be fun. I just started a tumblr (Misadventures), but that’s more general interest than this site.
I really need to work on updating this more…
I’ve recently started my Web Development course at WGU, and holy cow. My first realization is I should have probably done Software Development first. My second is that I am terrified of this certification.
C# is an entirely new language to me, and I have about four weeks to pour myself into learning it and all about ASP.NET. I am definitely intimidated, but it’s going to be a great asset towards my future career. I think I’m probably going to create some videos documenting the hilarity that will be my education on this matter and post them up here, as well as hold myself to writing an entry every week that will share what I’ve learned and how much advil I’ve consumed. Oh, and caffeine. Definitely the caffeine. On the brightside, I’ll have a chance to update/refresh my HTML and Javascript knowledge…how can that go wrong?
As if this all isn’t enough, I’ve set myself the goal of completing Udacity’s CS101 course. I’ve learned Python, as you know from my posts, but I think it’ll be good to use it towards creating an actual script. What’s more attractive than a webcrawler and search engine? That’s what I said.
Stay safe,
Iago
I passed Project+ today. I’ve also had amazingly difficult things happen in my personal life the last two weeks. So, I’m pretty proud of this accomplishment.
Due to these tumultuous events, I’m going to have a *lot* more time to work on projects and school. I’m fairly excited about that. I also really need to find a job in Northern California within the next six months. There are a metric ton of IT jobs out in the Bay Area, Sacramento, and Fresno…but I’ve struck the experience cycle again. MANY of them require half a dozen years of experience in any given subset. So, that’s going to be moderately difficult.
I intend to write my cover letters to reflect my immense personal interest and passion in IT and security. Hopefully between that, my current certs, and the ones I will gather in the next two years I can land a decent job for the area. If you have any leads, by all means, let me know!
Hopefully within the next week I’ll be adding my HTML resume to the site. So, look for that.
Stay safe,
-Iago
So, when my kids became school aged I thought it would have a positive impact on my life in terms of scheduling. Boy, was I wrong.
Over the last month I’ve been working on Project+, trying to solidify my knowledge and get myself to a position where I have working knowledge of project management. I’m hoping that this certification only adds to the appeal of my resume, as it’d be fantastic for people to stop looking at it and saying “This dude doesn’t want to do computers, his whole background is in law enforcement!” I think that’s hilarious, especially since information security is the de facto law enforcement of the internet.
It’s really amazing to me how true that’s become. I think back to a cartoon showing the “police of the future” working on computers to find a bad guy, then going to getting him. It’s not *quite* like that, and I’m not sure it ever will be, but it’s definitely close. Think about what they do in the field: They investigate malware, building evidence linking it to servers, botnets, state actors, corporations. They tear network breeches apart, analyzing the most minute amount of evidence (packet data), and try to determine where the person went, what they wanted, and where they came from. They have the ability to overtake a CinC of a botnet, revoke certificates and issue their own. They can build evidence of crimes in the physical world by quick freezing RAM, remote recovering hard drive data off of cell phones, and monitoring activity without anyone noticing.
It’s amazing stuff, it’s exciting stuff, and I hope I can join their ranks eventually. I know that I am working as hard as I can to get there, and if anyone wants to sponsor me for some SANS courses that’d be awesome 
Stay safe,
-Iago
I recently took the dive and purchased a 256GB OCZ Vertex 4 SSD. It was a NewEgg sale, so I figured…why not? I also threw another 6GB of RAM into my rig, for a grand total of 12GB. Hey, sometimes I run several VMs at once, a man can dream he needs that much RAM.
Anyway, so I was torn between a fresh install of Win7 on the SSD and just migrating it. This is where trying to do things the “easy way” smacks me in the face again.
I heard of a program called “Paragon Migrate OS to SSD”. This thing can, apparently, let you custom create an image to transfer to your SSD. It’s supposed to be fully automated. It’s produced by a company based out of Germany called, you guessed it, Paragon. It costs about $20 and it struck me as being a good price to automate a migration. Boy, was I wrong.
I’m used to seeing programs that aren’t perfectly coded or presented, it comes with using open source stuff. Well, this wasn’t open source and it should have been my first clue that the product I was about to use was…iffy.
I defrag my HDD (it was at a shocking 23% fragmented…I was ashamed) and go about the business of shrinking down my programs to an acceptable size for the SSD. Then, last night, I set aside a few hours to migrate. Needless to say, a few support emails later I requested a refund.
The program would freeze, chew up CPU doing what appeared to be nothing, and throw random errors. Now, errors like “unable to read file” or “invalid parameter” might be things you expect to see in a program that’s designed to hot copy OS files. Not so much. To copy these files it threw a request to restart and re-ran itself prior to the OS loading. After it threw these errors, it froze which resulted in me having to hard restart. I was disappointed.
Support, which I have to admit responded in a shockingly quick 7 hours, told me to run CHKDSK and SFC /SCANNOW…general troubleshooting when you’re dealing with a file system. He also issued me a service copy of the program, insisting that would work. If not, just ask for a refund. It’s never, ever good when the first support email concludes with offering a refund.
Anyhow, now I’m burning a Win7 ISO and backing up my personal files. It’s something I knew I should have done in the first place. I guess I just needed a reminder that when you need something done right the first time just do it yourself.
Stay safe,
-Iago
…is a real pain. Man. So I’m trying to settle into a routine and obviously I’m not doing too well in terms of this blog. Between all of the other stuff I have going on, I really need to find more time for this.
Needless to say, I’m studying for Project+. Python is on the backburner. I’ve been messing with OWASP. I have a half dozen VMs running BT5 (which I have to update to R3), Metasploitable, SIFT, REMnux and other OS’s. I’ve been playing around with Web Apps, mostly. Burpsuite and Wireshark a lot.
Anyway, I gotta go try to catch some sleep.
Stay safe,
-Iago
So, I’m doing Learn Python the Hard Way, by Zed Shaw. It’s an AMAZING tutorial. I’ve tried several before, I even wasted $5 on an ebook (Don’t I feel stupid.) The way Zed lays out each lesson, makes you repeat stuff over and over, and continuously re-introduces old material…I mean, it’s perfect. So, if you’re interested in learning Python, SQL, Ruby or C you should definitely check out his(?) website.
Anyway, so I’m nearly done with his lessons but I’m at the part where it takes a whole bunch of time to actually work through designing your own little text-based adventure game. It’s pretty rudimentary, right now I have a start point, three “rooms” each with three choices, and then three more rooms underneath them that I’ll eventually map back together towards one or two “end” rooms. It’s exciting, very exciting, to do this. I have found that I thoroughly (for now?) love to code. I cannot wait to continue playing with and learning Python and then moving on to learning another language (Java? SQL?).
Probably the most amazing thing that I’ve learned in the short time I’ve had to think about how code works is that it is SO applicable to life. Breaking a big goal down into smaller, manageable goals, and then making sure those smaller goals work the way you want before moving onto the next piece. Perhaps it will teach me some better organizational and goal setting skills? Who knows, all I know is that it’s a blast.
Anyhow, the end of the tutorial is putting your game onto the web. Soooo…in the next month or so expect to see a new “Game” page on here where you can run through my modest little adventure, collect items, and see your “high score” posted!
Stay safe,
Iago
So I’m working on my degree through Western Governors University and I have to sit through some classes that I’ve probably taken two or three times before. The college world is really frustrating sometimes, especially when you’re balancing a full-time life with it. Anyway, on to the point.
I’m taking a class called “IT Fundamentals I”, which is funny because I don’t have to take “II” or “III” in the series. So, in this class they cover the most rudimentary things. It’s basically a watered down introduction to the CIA model (Confidentiality, Integrity, Availability). It’s pretty entertaining. Here’s the awesome part, and what I plan to talk about: I get a CIW Web Foundations Associate certification.
What the school does is amazing when you’re a professional or trying to break into a career: They give you industry certifications as you complete course work. Well, they don’t give them to you, but it’s considered the final exam. So throughout my degree program I’ll gather up about 12 different certifications. TWELVE! I mean, that’s definitely a selling point for the school and it should help me meet the arbitrary job requirements most places have these days, but all of those certifications?
It reminds me of the many arguments over certifications that I’ve seen on blogs and Twitter. What, really, are the value of certifications? If companies require certifications, more people will get them. As more people get them, the market is flooded with it. What happens next? Companies require even more certifications. It’s the same slow march we’ve seen in the area of basic education. Some may argue it’s because requirements have increased, but can you really tell me that someone with a Masters that has never worked in a field is better than a GED who has worked the field for ten years? I don’t think so.
If I walk into a job interview with half a dozen MTA certs, Security+, CCNA, CCNA:Security…but I have never had practical hands on, what worth are the certifications? They’re effectively a book test that you can study for, memorize, and pass. Aren’t they? Well, some of them are. Some of them are just a necessary evil that, I suppose, show you’re interested in the field enough to pay for them. I’m not going to complain too much until I’m established within the industry. Don’t want to go burning any bridges…
Until next time,
-Iago
So, here I am. Sitting on a domain, setting up a blog, trying to figure out what the hell I’m doing.
I have no idea. I really don’t, and I don’t have an issue saying so. I’m here to learn and to share what I learn with the masses. What do I want out of this? Where do I begin…
I want to break into the InfoSec world. I want to learn to code, and learn to love coding. I want to poke around programs and websites to find the ways that the good guys, and the bad guys, can get into your system and break your stuff. Most of all, I just want a job I can enjoy. I’m sure you’ve heard that your “vocation should feel like a vacation.” I’d like to get to that point, sooner rather than later. I think this is just another step in that direction. Will it work? Who knows. We’ll see, right?
I think that will do for an introductory post. I gotta figure out where I’m going with this and how it’s going to be. Should be…fun?
-Iago