if you didn't catch my comment in the last hack-test thread, then let me just say that all those hack-test sites are the biggest waste of time, period. you will never hack into anything by finding a password in a background image. sorry, it's just not gonna happen. but if you love the movie hackers and you think worms really look like underwater sea creatures, then by all means, try to get to that kajillionth level. but when your all done and you try to pentest something in the real world, don't feel bad when you cant use GIMP to break in. [/rant]

now, if you want a real world scenario where you actually learn and use REAL skills and techniques, then keep reading There was a guy at the last blackhat convention who's company got bought out and they shoved him into a pentesting position. he was good with computers/unix but didn't have the slightest clue about pentesting and whatnot. just like we all heard at one point or another, building a lab was the way to go. but if anyone's ever built a lab, then you know his next problem: if you build it, you know how to break it, so there's no learning involved. and on top of that, he didn't know what a real world scenario was.

well, luckily for all of us, this guy put together liveCDs that solved those problems. take a trip on down to http://de-ice.net and download the level 1 cd's. level 2's aren't out yet. but there's 2 level 1 cd's that you can load up and start chipping away at. the tools required? back|track2. everything you need to solve the scenarios are in backtrack.

i just downloaded them the other day and am going to start working on them today. unlike sites that hold your hand through the process of looking at background images to find passwords, these cd's are built in such a way that you can't do the nmap->nessus->exploit. if you scan them with nessus you wont find anything, that's where you gotta use actual skills. and if you get stuck, there's a help site running on the cd to give you hints.