From: Richard Zaluski (rzaluski@ivolution.ca)
Date: Wed Jun 22 2005 - 15:00:05 EDT
Regarding "tools" and windows, most of the security tools that run on
Windows are simply ported over from the *nix world. They run much better
and often times allow much more flexibility in their use due to the way
Windows and *nix operates and interacts with them.
Its much better, in my opinion to run a tool on its native operating system.
I have seen nmap for example running on MS 2000 professional completely lag
behind the *nix version.
Richard Zaluski
CISO, Security and Infrastructure Services
iVOLUTION Technologies Incorporated
905.309.1911
866.601.4678
www.ivolution.ca
rzaluski@ivolution.ca
Key fingerprint = DB39 7FC3 1F5D AD94 85DD 78B0 774D 5DE5 B011 BD8C
=======================================================================
CONFIDENTIALITY NOTICE: This email message, including any
attachments, is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender. Any unauthorized review,
use, disclosure, or distribution is prohibited.
=======================================================================
-----Original Message-----
From: glemmon@onealwebster.com [mailto:glemmon@onealwebster.com]
Sent: Wednesday, June 22, 2005 2:30 PM
To: brzurom@tycho.ncsc.mil; pen-test@securityfocus.com
Cc: rzaluski@ivolution.ca
Subject: RE: CEH training
Thank you all for your comments, suggestions and recommendations. This is
my
take away from your feedback: The CEH cert needs some improvement, in that
it
is 1) very Tools oriented 2) more windows than *nix oriented (not
necessarily
a bad thing considering the average Windows Admin is light years behind the
average *nix Admin in general network and sys know how) 3) Good training is
very dependent on the Instructor you get (this is probably the issue in a
lot
of cases not just CEH cert/training).
A lot of you that responded seem to have overlooked a minor detail though -
I
need something (training offering) preferably in an online format, I will
not
be able to travel for another two months project completion deadlines.
I have looked at the SANS@Home course "Hacker Techniques, Exploits &
Incident
Handling" Instructor - Ed Skoudis and that is what I am leaning towards
enrolling in. I also looked at ISECOM, Learn Security Online, SensePost and
Foundstone. All are impressive in their syllabus/course outline and I know
from reading some of the books from the Hacking Exposed series as well as
other general reading that these institutions and their instructors are held
in high esteem in the Infosec World, well with the exception of the Learn
Security Online establishment. I could not get enough background information
from their website about them.
I really appreciate all the feed back, and you guys please keep up the great
work of community building and knowledge sharing. I hope to be making my
contribution to this list in a little while as a pen-tester :-)!!!
Gregory
-----Original Message-----
From: Zuromski, Brian [mailto:brzurom@tycho.ncsc.mil]
Sent: Wednesday, June 22, 2005 9:08 AM
To: 'pen-test@securityfocus.com'
Cc: 'Richard Zaluski'
Subject: RE: CEH training
I actually attended a CEH workshop. Although it was only a sales pitch
into what the class would be about we actually got to keep the class book.
It doesn't really teach the theory in hacking....although they have a short
section on what is a hacker and what keeps someone 'ethical'. Then they
proceed to show you how to use 5000 different WINDOZE apps that constitute
hacking into networks and systems 'ethically' of course. I just thought it
was more for windows people who are curious and want to know how to
enumerate
targets. (IMHO it is just information you could get elsewhere) I thought it
was too dependant on tools, and not strong on actually how to collect
information manually. If they would introduce linux into the class then I
would absolutely get the CEH cert as everyone knows most windows tools are
based off of $nix tools that have been around and you have to know what your
doing when you use the $nix tools forcing more theory and know how into the
class that could help people understand across the board.....
I will say this, the instructor who did this (Don), was extremely
knowledgeable and knows the unix/windoze/network side of things, so if you
get a good instructor it might pay off on the way the apps are working to
collect information and enumerate targets....and that is what you need to be
a pen-tester!
-----Original Message-----
From: Richard Zaluski [mailto:rzaluski@ivolution.ca]
Sent: Saturday, June 18, 2005 7:33 PM
To: glemmon@onealwebster.com; pen-test@securityfocus.com
Subject: RE: CEH training
The issue we find with these courses is that they tend to be encyclopedic in
nature. They teach you how to 'hack a box' rather then provide you with the
skills a professional security tester needs.
iVOLUTION currently has two Penetration Courses that we teach at IBM, its
security staff and worldwide partners. Our classes are based upon the skills
you need to become an efficient and resourceful security professional
There are a few good courses out there that deal with Penetration Testing,
not just ours. I would look for classes that deal specifically with Pen
Testing rather than 'hacking'
There is much more to being a pen tester than hacking. It's knowing the
tools, techniques, methodologies and resources as well as understanding how
to research exploits and properly assess networks and target systems. This
is
in conjunction with understanding the legalisms associated with testing that
varies greatly in different countries, states, provinces and regions.
As for online courses of this nature, I have not seen one as yet but I do
understand time is an issue in your case.
Regards,
Richard Zaluski
CISO, Security and Infrastructure Services iVOLUTION Technologies
Incorporated
905.309.1911
866.601.4678
www.ivolution.ca
rzaluski@ivolution.ca
Key fingerprint = DB39 7FC3 1F5D AD94 85DD 78B0 774D 5DE5 B011 BD8C
=======================================================================
CONFIDENTIALITY NOTICE: This email message, including any
attachments, is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender. Any unauthorized review,
use, disclosure, or distribution is prohibited.
=======================================================================
-----Original Message-----
From: glemmon@onealwebster.com [mailto:glemmon@onealwebster.com]
Sent: Tuesday, June 21, 2005 2:35 PM
To: pen-test@securityfocus.com
Subject: CEH training
Hi all,
I am looking at getting some training to start my official journey down =
the path as a Security Penetration Tester - and was wondering about the =
views on taking the Intense School's CEH boot Camp. Has anyone on/from the
list attended their course and have and feedback/recommendations? My =
background is predominantly Windows, but I am fairly functional with Linux.
I am more interested in online courses right now though only because I am =
currently involved in some projects that require me to be available for my
office = over the next couple of months. Any constructive feedback is more
than = welcome.
Thanks
Gregory Lemmon, MCP, Security+
I.T. Manager
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:28 EDT