From: Andy Cuff (lists@securitywizardry.com)
Date: Mon Aug 30 2004 - 06:00:47 EDT
Hi,
I'm sorry, but it's the content I'd be buying such a book for, not it's
presentation. My opinion would be different if it were a fictional novel.
I've not read the book in question, therefore rate my comment accordingly,
but I suspect the review is a little harsh.
I don't think you can go far wrong with the Hacking Exposed books, which are
good for technical reference. However, if it's a well written and presented
book that doesn't require a wheelbarrow to move it, then Chris McNab's
"Network Security Assessment" by O'Reilly is very good and not at all
verbose.
Reverting to the original thread, a course will allow you to hit the ground
running in just a few days, though it will not make you a pen tester and you
will need to consolidate the knowledge gained. Using a book allows you to
tackle every method from the ground up, there will be no preinstalled
software and you have to do it all yourself, the knowledge gained is much
more useable and will remain in memory for longer (I'm getting old)
However, there will be no instructor giving you the MOST important value
added real world experience, or helping you with the new syntax for the
latest version of sploit X, Y or Z And a course gives you subject
submersion 0800-1800 and later. Personally I'm too easily distracted to
give this kind of attention to personal study with a book. In summary I
like courses, but they are not a panacea.
Now back to my PRINCE2 study with a book that I can't motivate myself to
open. Damn distractions, see what I mean ?
-andy cuff
Talisker's Computer Security Portal
Computer Network Defence Ltd
http://www.securitywizardry.com
----- Original Message -----
From: "Wayne M Burke" <wburke@secureye.com>
To: "randori ." <randori82@hotmail.com>; <pen-test@securityfocus.com>
Sent: Sunday, August 29, 2004 11:37 PM
Subject: Re: EC-Counsil
> This is what Amazon has as a review:
>
> "Reviewer: A reader
> The EC-Council calls itself a professional organization, but the
horrendous
> grammatical and punctuation errors contained in this book cast serious
doubt
> upon that claim. I found myself wondering if English is the first language
> of the author(s). Even the printing is awful, as on every page words are
> interrupted by empty "spa ce." I can't even address the content--I got a
> headache just trying to get the sentences to make sense, and finally had
to
> give up. If so little attention is given to the presentation of the facts,
> how much confidence can I have that the facts themselves are correct?"
>
> ----- Original Message -----
> From: "randori ." <randori82@hotmail.com>
> To: <pen-test@securityfocus.com>
> Sent: Sunday, August 29, 2004 9:40 AM
> Subject: RE: EC-Counsil
>
>
> > I know you can by the EC-Coucil CEH book at Barnes and Noble for 75
bucks.
> > It should give you a pretty good understanding of what the course will
> > entail.
> >
> >
>
http://www.amazon.com/exec/obidos/tg/detail/-/0972936211/ref=wl_it_dp/103-8029621-6183802?%5Fencoding=UTF8&coliid=I2YT787IAISYN&v=glance&colid=21GEEQ4AL0BVL
> >
> > If you're unsure, give that book a shot and then reasses.
> >
> > -Andre
> >
> >
> >
> >
> > >From: Chris Griffin <cgriffin@dcmindiana.com>
> > >To: pen test <pen-test@securityfocus.com>
> > >Subject: EC-Counsil
> > >Date: Tue, 24 Aug 2004 08:13:58 -0500
> > >MIME-Version: 1.0
> > >Received: from outgoing3.securityfocus.com ([205.206.231.27]) by
> > >mc11-f40.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Sat, 28 Aug
> > >2004 06:08:11 -0700
> > >Received: from lists.securityfocus.com (lists.securityfocus.com
> > >[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid
> > >B655323729B; Tue, 24 Aug 2004 14:53:21 -0600 (MDT)
> > >Received: (qmail 1720 invoked from network); 24 Aug 2004 11:51:39 -0000
> > >X-Message-Info: JGTYoYF78jEEceEcdwg904RM+b8DPEqt
> > >Mailing-List: contact pen-test-help@securityfocus.com; run by ezmlm
> > >Precedence: bulk
> > >List-Id: <pen-test.list-id.securityfocus.com>
> > >List-Post: <mailto:pen-test@securityfocus.com>
> > >List-Help: <mailto:pen-test-help@securityfocus.com>
> > >List-Unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
> > >List-Subscribe: <mailto:pen-test-subscribe@securityfocus.com>
> > >Delivered-To: mailing list pen-test@securityfocus.com
> > >Delivered-To: moderator for pen-test@securityfocus.com
> > >Message-ID: <412B3F16.2060706@dcmindiana.com>
> > >User-Agent: Mozilla Thunderbird 0.6 (X11/20040819)
> > >X-Accept-Language: en-us, en
> > >X-Enigmail-Version: 0.83.6.0
> > >X-Enigmail-Supports: pgp-inline, pgp-mime
> > >Return-Path:
> > >pen-test-return-1078475230-randori82=hotmail.com@securityfocus.com
> > >X-OriginalArrivalTime: 28 Aug 2004 13:08:12.0049 (UTC)
> > >FILETIME=[12580010:01C48D00]
> > >
> > >List,
> > >
> > >I was looking to see if anyone had any exposure to ec counsil's CEH
> course.
> > >I have heard mixed views on the ec counsil, but nothing about their
> > >courses.
> > >I dont really care about getting a certification, but I wouldnt mind
> > >getting one also.
> > >My main concern is, learning quality stuff that I can put to use in a
> > >security career.
> > >
> > >As im sure everyone feels the same, I Dont want to drop my money on
> > >something that looks good,
> > >but really isnt going to help build knowledge.
> > >
> > >for a quick reference, here is a link to the exam/course I found
> > >
> > >http://www.mile2.com/certified_ethical_hacker_training_v3.html
> > >
> > >and http://www.eccouncil.org/CEH.htm
> > >
> > >Does anyone know if this is quality stuff, or is there something out
> there
> > >better?
> > >(A major factor to me looking at this was, I can find a class local so
I
> > >dont have to travel)
> > >
> > >Regards,
> > >Chris
> > >
> >
>
>---------------------------------------------------------------------------
> ---
> > >Ethical Hacking at the InfoSec Institute. All of our class sizes are
> > >guaranteed to be 12 students or less to facilitate one-on-one
interaction
> > >with one of our expert instructors. Check out our Advanced Hacking
> course,
> > >learn to write exploits and attack security infrastructure. Attend a
> course
> > >taught by an expert instructor with years of in-the-field pen testing
> > >experience in our state of the art hacking lab. Master the skills of an
> > >Ethical Hacker to better assess the security of your organization.
> > >
> > >http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> >
>
>---------------------------------------------------------------------------
> ----
> > >
> >
> > _________________________________________________________________
> > Is your PC infected? Get a FREE online computer virus scan from McAfeeŽ
> > Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> >
> >
>
> --------------------------------------------------------------------------
> ----
> > Ethical Hacking at the InfoSec Institute. All of our class sizes are
> > guaranteed to be 12 students or less to facilitate one-on-one
interaction
> > with one of our expert instructors. Check out our Advanced Hacking
course,
> > learn to write exploits and attack security infrastructure. Attend a
> course
> > taught by an expert instructor with years of in-the-field pen testing
> > experience in our state of the art hacking lab. Master the skills of an
> > Ethical Hacker to better assess the security of your organization.
> >
> > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>
> --------------------------------------------------------------------------
> -----
> >
> >
> >
>
>
>
> --------------------------------------------------------------------------
---- > Ethical Hacking at the InfoSec Institute. All of our class sizes are > guaranteed to be 12 students or less to facilitate one-on-one interaction > with one of our expert instructors. Check out our Advanced Hacking course, > learn to write exploits and attack security infrastructure. Attend a course > taught by an expert instructor with years of in-the-field pen testing > experience in our state of the art hacking lab. Master the skills of an > Ethical Hacker to better assess the security of your organization. > > http://www.infosecinstitute.com/courses/ethical_hacking_training.html > -------------------------------------------------------------------------- ----- > ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:01 EDT