Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: EC-Counsil

from [robert] Network Security [Permanent Link]
Subject: Re: EC-Counsil
Date: Tue, 24 Aug 2004 23:04:25 -0700 
Chris Griffin(cgriffin@dcmindiana.com)@Tue, Aug 24, 2004 at 08:13:58AM -0500:

I was looking to see if anyone had any exposure to ec counsil's CEH course.
I have heard mixed views on the ec counsil, but nothing about their courses.


This thread about the CEH seems to come up every couple of months.  I often
wonder if they pay people to keep bringing it up in this list :).

Re-read the list archives.  If you look:
http://archives.neohapsis.com/archives/sf/pentest/2003-11/0046.html <--
actually has revisionist history. Intense School helped make the CEH after
trying to teach an official ISECOM/OSSTMM class. 

http://cert.uni-stuttgart.de/archive/pen-test/2004/02/msg00047.html
http://seclists.org/lists/pen-test/2003/Nov/0017.html
http://seclists.org/lists/pen-test/2004/Feb/0030.html
etc, etc, etc

The CEH is not endorsed by ISECOM (http://www.isecom.org), nor is the
curriculum consistent with the Rules of Engagement listed in the OSSTMM
(http://www.osstmm.org), which is conflicting because they try to teach a lot
from the OSSTMM.

If you want to see the other side of the house, check out ISESTORM -
http://www.isestorm.org.  That is where you will find classes taught by some
of the authors of the OSSTMM, including Pete Herzog, the guy who started the
OSSTMM :).


My main concern is, learning quality stuff that I can put to use in a
security career.


I have heard from many CEH students.  Some have said very good things about
it.  Others have had less than kind things to say.  I think your experience
with a CEH class will come down mostly to the instructor.  However, I will
caution that if you put "Certified Ethical Hacker" on your cv, you will not
be taken seriously at most Information Security professional services shops.


As im sure everyone feels the same, I Dont want to drop my money on
something that looks good, but really isnt going to help build knowledge.


You'll get out of any class what you put into it.  If you go to the CEH, you
will learn something.  It's the same type of thing you'd also learn from any
of the other "hacker" classes.  If you want to learn to think and act like
the Hollywood hacker, then any hacker class will do.  If you want to learn to
think and act like a security professional, then you'll want to go to a 
different class.


Does anyone know if this is quality stuff, or is there something out there
better? (A major factor to me looking at this was, I can find a class local
so I dont have to travel)


If travel trumps knowledge, go local.  If knowledge trumps travel, seek out
the best learning experience possible.

Best of luck,

Robert

-- 
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert@dyadsecurity.com
M - (949) 394-2033

------------------------------------------------------------------------------  
                                                                                
      
Practical and in-demand security skills professionals need in the workplace.

The second security storm from the vision and research of ISECOM:  ISESTORM is
the masters-level education for security auditors and penetration testers from
beginner to expert, security managers, CIO's, CISO's, and any professional
required to work in information security or development efficiently,
thoroughly and correctly.  ISECOM represents the global gold standard for
security testing and auditing methodologies and analysis and ISESTORM is sum
of that experience.

http://www.isestorm.org -- http://www.isecom.org -- http://www.opst.org
------------------------------------------------------------------------------- 
                                                                                
      

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Securing web site with redundancy ?, Steve
Next by Date:  Re: interesting wireless card and linux issue, Mark Blaszczyk
Previous by Thread:  EC-Counsil, Chris Griffin
Next by Thread:  Re: EC-Counsil, Al Smolkin
Indexes:  [Date] [Thread] [Top] [All Lists]