From: Peter Manis (manis@digital39.com)
Date: Wed Aug 29 2007 - 11:09:57 EDT
My real interest in obtaining the CEH is for personal validation that
I know the things that the security world says I should know to do
that job, the basics that is. Some say it is a joke, and maybe it is,
but being new to security there is a lot to soak in. I don't know I
guess it just seems like a good starting point for the other stuff.
The OSCP course is awesome, and I have learned how to find buffer
overflows, arp spoofing and metasploit, but there aren't explanations
as to why you would use one nmap switch over another like in the CEH
videos I watched. Obviously if the training doesn't tell me I need to
look it up myself, that part is a no brainer, the hard thing is what I
need to be looking up, what do I need to know that isn't in the video
I am watching or the article I am reading. With so many tools and
possible ways to gain access to a system I am looking at
certifications as a guide to what I need to know. Either that or a
need to find a mentor, who wants to be my yoda?
In the videos I watched for the CEH the exam came across as a book
smarts exam, where memorizing a man page is going to do more for you
(in regards to the exam) than hands on experience. So I can see for
security professionals it would be somewhat boring as a lot of the
things you would learn earlier in your career.
On 8/28/07, xelerated <xelerated@gmail.com> wrote:
> I have taken the CEH, CISSP and OPST
>
> I have to say that the OPST was by far the most valuable
> to expanding or enhancing my skillset. Its hands on, you cant
> memorize the answers, you know it or you dont.
>
> The CISSP was an employer requirement and in studying for it
> I did learn mostly about risk based audits. But as we know risk
> is not security.
>
> The CEH while I thought it was cool (this was some years ago, v3)
> Im almost ashamed to say I have it. The people that think its cool
> are not really the type of people i'd want to work for.
> Its a fast track to being a script kiddie.
>
> Just my 2 cents.
>
> Chris
>
>
>
>
>
>
> On 8/27/07, Peter Manis <manis@digital39.com> wrote:
> > Thanks Michelle,
> >
> > Before starting the OSCP course I my ability to perform many of the
> > tasks in penetration tests was very limited. The OSCP course, for me,
> > has a great method of presentation for learning, but not elementary
> > enough that someone with experience might get bored (can't really say
> > though).
> >
> > For example in the buffer overflow section he goes over writing
> > overflows and really gets into the nitty gritty with debuggers,
> > locating memory addresses. You see how to find the bug, write the
> > overflow, and exploit the machine. He doesn't however go so basic
> > that he explains endianness or actually explaining the background of
> > buffer overflows it is up to you to research a number of topics.
> >
> > On top of the training you have access to a VPN lab (if you get the
> > package) to test these tasks out. Just a note, the cost of the
> > training is changing on the 1st of September and I can only assume it
> > is increasing.
> >
> > Here is a demo of the training from the site.
> >
> >
> http://www.offensive-security.com/movies/01intro/01intro.html
> >
> > On 8/27/07, Michelle Duff < mduff@tampabay.rr.com> wrote:
> > > Good luck with the job search, Peter - would love to hear how it turns
> out
> > > for you.
> > >
> > > Thanks for the OSCP info -- I'd heard of it, but didn't know what the
> > > training was like - good to get the skinny on a course.
> > >
> > > I took the CEH course from InfoSec Institute - it was a bootcamp thing.
> > > Typical bootcamp mode of learning - quick & dirty.
> > > We did do capture the flag stuff which was lots of fun, but it always
> came
> > > at the end of a 11 hour day of studies geared towards getting us to pass
> the
> > > CEH exam. Now I'm home playing w/ the VMware environment trying to
> recreate
> > > similar capture the flag sessions.
> > >
> > >
> > > ----- Original Message -----
> > > From: "Peter Manis" <manis@digital39.com>
> > > To: "Michelle Duff" < mduff@tampabay.rr.com>
> > > Cc: "Jay" <jay.tomas@infosecguru.com>; <pen-test@securityfocus.com>
> > > Sent: Monday, August 27, 2007 1:19 PM
> > > Subject: Re: CEH Books
> > >
> > >
> > > >I agree as well, which is one reason I picked the OSCP before the CEH.
> > > > To pass the OSCP I need to actually perform an attack on a machine.
> > > > Of course this is not equal to real world experience, but as a start
> > > > towards moving to security I felt HR may look at my resume and have
> > > > interest in hiring me as an entry level tester because I have proven I
> > > > can apply the knowledge I have learned vs just memorizing nmap
> > > > switches and port numbers (not that the exam doesn't cover more).
> > > >
> > > > When I watched a few videos of CEH and read through the material on
> > > > the exam it seemed the CEH was more like the first few classes at med
> > > > school (from what I've heard), you have to memorize a bunch of names,
> > > > functions, and instruments, but it isn't until later that you get to
> > > > break out the tools and apply that knowledge.
> > > >
> > > > - Pete
> > > >
> > > > On 8/27/07, Michelle Duff <mduff@tampabay.rr.com> wrote:
> > > >> Excellent point, Jay.
> > > >>
> > > >> I agree whole-heartedly -- having gotten a number of certs in my
> career:
> > > >> CISSP, CCNP, MCSE and not enough hands-on led to my being viewed w/
> > > >> general
> > > >> contempt by those who knew their stuff & didn't necessarily have the
> > > >> certs -
> > > >> I was a 'poser' - it stinks to be viewed that way.
> > > >>
> > > >> You must have the hands-on -- read, study, test -- all good. But you
> must
> > > >> do
> > > >> this stuff - touch it, do it, think it or you'll get the same
> treatment I
> > > >> did.
> > > >>
> > > >>
> > > >>
> > > >> -----Original Message-----
> > > >> From: Jay [mailto:jay.tomas@infosecguru.com ]
> > > >> Sent: Monday, August 27, 2007 11:12 AM
> > > >> To: mduff@tampabay.rr.com; manis@digital39.com;
> > > >> pen-test@securityfocus.com
> > > >> Subject: RE: CEH Books
> > > >>
> > > >> <rant> If you could learn to hack/assess from reading a book everyone
> > > >> would
> > > >> do it. Does a carpenter go get a book to learn to swing a hammer.?No
> he
> > > >> goes
> > > >> out and does it and probably smashes a few knuckles in the
> process.The
> > > >> most
> > > >> important part of hacking/assessing is opening your mind see where it
> > > >> leads.
> > > >> There is a million ways to check for XSS, CSRF etc. You have to be
> > > >> determined and flexlible. Try things even though it shouldn't work.
> > > >>
> > > >> e.g I was looking for XSS in a input field. Tried all the normal
> stale
> > > >> "><script>alert('XSS')</script> type syntax. - nadda.
> > > >>
> > > >> Only after I padded it with 20 null characters (%00) on each side it
> did
> > > >> pop.
> > > >>
> > > >> Reading should give you 'ideas' after that its up to you.
> > > >>
> > > >> CEH is a baseline like most certs. It says I sat through a week of
> > > >> training
> > > >> and then I took a multiple choice test. May mean I know my stuff and
> want
> > > >> to
> > > >> documnt it to an extent. Or I May be good at tests and dont know sh@t
> > > >> about
> > > >> security.</rant>
> > > >>
> > > >> Jay
> > > >>
> > > >>
> > > >> ----- Original Message -----
> > > >> From: Michelle Duff [mailto:mduff@tampabay.rr.com]
> > > >> To: manis@digital39.com,pen-test@securityfocus.com
> > > >> Sent: Fri, 24 Aug 2007 01:01:23 -0400
> > > >> Subject: RE: CEH Books
> > > >>
> > > >> Peter -
> > > >>
> > > >> Sorry, I haven't read those books...when I can't find anyone who's
> read a
> > > >> study book, I'll check out the reviews on Amazon.com - granted, the
> > > >> reviewers may not always have a clue, but the more the book is
> reviewed I
> > > >> can get an idea if it's what I need & if it's any good... I've had
> good
> > > >> results w/ this method.
> > > >>
> > > >> Amazon readers gave Michael Graves' Exam Prep book a good review:
> > > >>
> http://www.amazon.com/Certified-Ethical-Hacker-Exam-Publishing/dp/0789735318
> > > >>
> /ref=sr_1_1/102-9254239-5172111?ie=UTF8&s=books&qid=1187930981&sr=1-1
> > > >>
> > > >> Amazon readers also gave Kimberly Graves' Review Guide good marks:
> > > >>
> http://www.amazon.com/CEH-Official-Certified-Ethical-Hacker/dp/0782144373/re
> > > >>
> f=sr_1_1/102-9254239-5172111?ie=UTF8&s=books&qid=1187931127&sr=1-1
> > > >>
> > > >> Hopefully, someone here has read the books and can comment on them.
> > > >>
> > > >> Good luck!
> > > >>
> > > >> Michelle
> > > >>
> > > >>
> > > >>
> > > >> -----Original Message-----
> > > >> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com ]
> > > >> On
> > > >> Behalf Of Peter Manis
> > > >> Sent: Thursday, August 23, 2007 6:09 PM
> > > >> To: pen-test@securityfocus.com
> > > >> Subject: CEH Books
> > > >>
> > > >> I found two CEH books on Alibris and I was wondering if anyone had
> > > >> experience with either.
> > > >>
> > > >> Certified Ethical Hacker: Exam 312-50
> > > >> by Michael Gregg
> > > >>
> > > >> CEH: Official Certified Ethical Hacker Review Guide
> > > >> by Kimbery Graves
> > > >>
> > > >> Thanks,
> > > >>
> > > >> - Pete
> > > >>
> > > >>
> ------------------------------------------------------------------------
> > > >> This list is sponsored by: Cenzic
> > > >>
> > > >> Need to secure your web apps NOW?
> > > >> Cenzic finds more, "real" vulnerabilities fast.
> > > >> Click to try it, buy it or download a solution FREE today!
> > > >>
> > > >> http://www.cenzic.com/downloads
> > > >>
> ------------------------------------------------------------------------
> > > >>
> > > >>
> > > >>
> ------------------------------------------------------------------------
> > > >> This list is sponsored by: Cenzic
> > > >>
> > > >> Need to secure your web apps NOW?
> > > >> Cenzic finds more, "real" vulnerabilities fast.
> > > >> Click to try it, buy it or download a solution FREE today!
> > > >>
> > > >> http://www.cenzic.com/downloads
> > > >>
> ------------------------------------------------------------------------
> > > >>
> > > >>
> > > >>
> > > >
> > >
> > >
> > >
> >
> >
> ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution FREE today!
> >
> > http://www.cenzic.com/downloads
> >
> ------------------------------------------------------------------------
> >
> >
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:04 EDT