From: wjnorth (wjnorth@earthlink.net)
Date: Thu Feb 12 2004 - 20:17:52 EST
Notice I did not say all GIAC certified people did not know the difference.
It just so happens that there are a lot of people with paper certs but no
practical experience to back them up. I hear you on the comp sci comment as
well, the problem is in all areas of education, regardless of degrees or
certifications. No matter what there are more people with somewhat of an
education then there are with the education and experience.
I have also heard that the GIAC is not an easy exam to pass as well, but
the same was said about MCSE about 4-5 years ago and look where it's
at...no offense those with MCSE's ;-)
-Wes
At 06:13 PM 2/12/2004 -0500, Don Parker wrote:
>I find it rather unlikely that any GIAC certified individual would not
>know the
>difference between a syn scan and a full connect. For that matter I have
>met several
>graduates of comp sci who were rather sad as well. The one thing that GIAC
>has going for
>it is that it has a rather difficult certification process which proves
>unequivocally
>that you know your material.
>
>Cheers!
>
>Don
>
>-------------------------------------------
>Don Parker, GCIA
>Intrusion Detection Specialist
>Rigel Kent Security & Advisory Services Inc
>www.rigelksecurity.com
>ph :613.249.8340
>fax:613.249.8319
>--------------------------------------------
>
>On Feb 11, wjnorth <wjnorth@earthlink.net> wrote:
>
>Good points all.
>
>Here's my two cents, which will probably get me flamed, but, whatever I've
>got spam.
>
>Certs in general, in my opinion, do not offer anything other then the
>recognition that someone spent enough time to study material and answer
>questions, and perhaps participate in a lab environment. I've ran into so
>many countless people that have certifications ranging from GSEC, CISSP,
>GCIA and a ton of others, that didn't know the difference between a syn
>scan and a full tcp connect, or couldn't explain some of the current public
>exploits and what they do to systems, or valued ISS over nessus, and nessus
>over manual methods...the list goes on and on.
>
>That is not to say that the certs are useless, far from it, especially if
>one backs it up with practical experience. Having said that, let me also
>say that while I hold these sentiments against certifications I also
>believe they are worth something in that it provides people the ability to
>get into security or whatever field their cert is for. They aren't useless,
>in my mind, but for sure nothing beats experience.
>
>Additionally I believe some of the SANS certs hold a bit more water then
>others simply due to industry acceptance, awhile back someone might have
>said the same for CISSP. Regarding the OSTMM, I only recently (within the
>last year) found out about them, and have been doing security for quite a
>while, but apparently not long enough to run across this very interesting
>methodology.
>
>-Wes
>
>P.S. you'll notice no letters after my name, but I could list my four year
>degree to offer some credibility. ;-)
>
>At 07:14 AM 2/9/2004 -0500, Bartholomew, Brian J wrote:
> >Actually I did not, due to the fact that Track 4 was useless. I do however
> >have a great respect for people who have taken the GIAC Certs as they are
> >very difficult (especially the GCIA). But, as for the material covered, and
> >the way it was taught, SANS Track 4 is NOT a good course to take to learn
> >the basics behind pen testing. The question was asked about which to
> >take...OPST or CEH (not GCIH). The answer I gave described the courses I
> >had been through, including Track 4 and an "opinion" as to which of the
> >classes were better.
> >
> >Also I would have to say that you are in the same boat as I sir since you do
> >not carry the GCIH. So, your defense on that specific Track has as much
> >credibility as mine if we are going off of "certifications" as you hinted in
> >the previous email. I was in your shoes about a year ago and thought SANS
> >was the greatest thing since sliced bread, until I took Track 4. The
> >difference between Track 3 (your certification) and Track 4 (the one we are
> >discussing) is too large to quantify.
> >
> >So, as stated in my last email, I suggest you take my advice and not waste
> >your, or your company's money on SANS Track 4. Take the time and try to
> >attend one of the OSTMM specific courses as they are much, much better.
> >Good day to you.
> >
> >Brian J. Bartholomew
> >US Department of State
> >Bureau of Diplomatic Security
> >DS/SI/ACD SA-20 Special Programs
> >Ph: 571-345-2598
> >Cell: 202-369-6349
> >1801 North Lynn St.
> >Arlington, VA 22201
> >
> >
> >-----Original Message-----
> >From: Don Parker [mailto:dparker@rigelksecurity.com]
> >Sent: Monday, February 09, 2004 2:31 AM
> >To: Bartholomew, Brian J; 'pen-test@securityfocus.com'
> >Subject: RE: OPST vs CEH
> >
> >
> >Hello Brian, did you actually bother to certify after taking whatever SANS
> >training it
> >was that you took? The SANS training is among the best out there, however
> >the challenge
> >starts when you do the certification process. This has not only a difficult
> >"practical"
> >portion, but also two demanding exams. From what I have seen of the OSTMM
> >and the CEH
> >neither one of them measure up. The OSTMM does seem to offer business
> >training as well
> >though in addition to the other obvious training. Though I would say that is
> >best left
> >to a place which actually specializes in business training such as a
> >college.
> >
> >Cheers
> >
> >-------------------------------------------
> >Don Parker, GCIA
> >Intrusion Detection Specialist
> >Rigel Kent Security & Advisory Services Inc
> >www.rigelksecurity.com
> >ph :613.249.8340
> >fax:613.249.8319
> >--------------------------------------------
> >
> >On Feb 6 , "Bartholomew, Brian J" <BartholomewBJ@state.gov> wrote:
> >
> >I have taken the CEH but not the OPST. The CEH is kinda simplistic, and
> >pretty easy to pass. I have not taken the OPST, however, I have heard that
> >it is much more in depth and more difficult to pass.
> >
> >I do think the course designed with the CEH exam (I took one through Intense
> >school) is one of the better courses I have taken (in comparison with
> >Foundstone, SANS, etc.). Those "other" courses are too mainstream and none
> >of them speak of the OSTMM except for the CEH oriented classes.
> >
> >To sum it up...If you are looking for letters after your name and a good
> >base to start with, go for the CEH (it can't hurt). If you want to take a
> >more detailed, OSTMM sponsored test, take the OPST. What the hell, take
> >both if you really like a challenge :)
> >
> >Brian J. Bartholomew
> >Bureau of Diplomatic Security
> >DS/SI/ACD SA-20 Special Programs
> >Ph: 571-345-2598
> >Cell: 202-369-6349
> >1801 North Lynn St.
> >Arlington, VA 22201
> >
> >
> >-----Original Message-----
> >From: circut@hackthisbox.org [mailto:circut@hackthisbox.org]
> >Sent: Friday, February 06, 2004 11:01 AM
> >To: kenzo
> >Cc: pen-test@securityfocus.com
> >Subject: Re: OPST vs CEH
> >
> >
> >
> >I've taken the CEH class. It's pretty good, but it focuses more on hacking
> >windows then it does linux or unix. The instructor and environment was
> >good though. They don't really talk too much in depth about buffer
> >overflows or privledge escalation on linux. But I think the class was
> >worth it. NEver taken any of those other tests.
> >
> > -circut
> >
> >On Wed, 4 Feb 2004, kenzo wrote:
> >
> > > I'm thinking about taking one of these certs. OPST (OSSTMM PROFESSIONAL
> > > SECURITY TESTER)
> > > or CEH (certified ethical hacker)
> > > I've read about the two, and they seem to be kind of the same thing.
> > > I know that some people in here were talking about the opst, but what
> >about
> > > the ceh?
> > > Has anyone taking the CEH or both?
> > > Please let me know.
> > >
> > > thanks.
> > >
> > >
> >---------------------------------------------------------------------------
> > >
> >----------------------------------------------------------------------------
> > >
> >
> >---------------------------------------------------------------------------
> >----------------------------------------------------------------------------
> >
> >---------------------------------------------------------------------------
> >----------------------------------------------------------------------------
> >
> >
> >
> >---------------------------------------------------------------------------
> >----------------------------------------------------------------------------
> >
> >
> >---------------------------------------------------------------------------
> >Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
> >
> >Protect your network with the comprehensive security solution that
> >integrates six applications for ease of use and lower TCO.
> >
> >Firewall - Virus protection - Spam protection - URL blocking - VPN
> >- Wireless security.
> >
> >Download 30-day evaluation at:
> ><a
>href='http://www.astaro.com/php/contact/securityfocus.php'>http://www.astaro.com/php/cont
>act/securityfocus.php</a>
> >----------------------------------------------------------------------------
>
>
>---------------------------------------------------------------------------
>Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
>
>Protect your network with the comprehensive security solution that
>integrates six applications for ease of use and lower TCO.
>
>Firewall - Virus protection - Spam protection - URL blocking - VPN
>- Wireless security.
>
>Download 30-day evaluation at:
><a
>href='http://www.astaro.com/php/contact/securityfocus.php'>http://www.astaro.com/php/cont
>act/securityfocus.php</a>
>----------------------------------------------------------------------------
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:48 EDT