Well, this will be my last entry before the test. I have been studying for this test for quite a while, and hopefully all this preparation will pay off. If there is one parting thought to give it would be this: just because you read about a tool, technique or procedure does not mean you know what it does or how to do it. It’s a little bit like that line by Seraph in The Matrix Reloaded ‘You do not truly know someone until you fight them’. It sounds odd when applied to people, but it makes TOTAL SENSE when applied to computers:

One doesn’t really understand until one actually applies the knowledge; make it work, play around with it and break things, then get it working again. Once you’ve done that, only THEN do you really have an understanding of that tool, technique or procedure. Because hearing about a thing and being able to actually USE that thing are two, totally different. . . . . . things!


Oh, and don’t try to use Ettercap in VMWARE with NAT mode enabled. 😉


My parting gift (because I can’t do this after I take the test):

SANS GSE bring-along guide 2015-03-08