Re: CEH Course - Your thoughts?

["Jason Ross" <algorythm () gmail com>]

My opinion, hold off for SANS..
I'm a C|EH, and I can honestly say that (for me anyway) the course was
a tremendous waste of time and money.
( Disclaimer: I did not attend the v6 version, YMMV. )

Not only did the material covered in the class not represent what was
asked on the test, but the material was in large part outdated and not
really relevant in today's world (example: we covered using Beast to
backdoor hosts quite a bit...good luck getting that past any current
A/V system without hexing the snot outta the binary, which wasn't even
mentioned in the course, let alone taught.)

In fact, it was so bad, that myself and my co-worker (who took the
course with me) both went to the organization sponsoring the class and
made a formal complaint about it.

I took advantage of the opportunity because the company was willing to
pony up for it but not for a CISSP or even a SANS course (the cost
differences are fairly significant). If you have an opportunity to
convince your employer to spring for one of the other, it's a much
better investment on their part, despite (or perhaps because of...
I'll let others debate that) the fact that it requires a higher
commitment.

For a simple test of the relative "worth" I recommend the following experiment:
Go to a job search website of your choice
Search for the desired SANS certification, or CISSP, then search for CEH.
Note the differences in the types and number of positions posted.

As I said, I attended an earlier version, so things may be
different...or it may just be that I ended up with a crappy instructor
(though I read through all the materials afterwards, and the "dated"
comment applies regardless). But for me, it was a real let down, and
any time anyone asks me about it, I say so.

--
Jason


On Thu, Aug 21, 2008 at 4:54 PM, J5
<lifeisnotamalfunction () googlemail com> wrote:
> I will be rounding up my first year as a security analyst soon and my
> company has offered to send me to a CEH course taught by Dan Garfield
> and it is held by IT Training Solutions.  This is the new v6 course.
>
> I feel very comfortable with locating vulnerabilities on the network
> and exploitation methodologies.  I do penetration testing on my job,
> but it is a very small part of my daily activities. I see many tools
> listed in the description that I just haven't had the time to go hands
> on with.... and some I use extensively.
>
> I would like to ask anyone who has attended one of these 5 day courses
> to reply with their experiences.  I am looking for a lab based
> environment to experiment with tools I haven't had the opportunity to
> use.  I am already ingrained with CIA, AAA & management aspects of
> infosec as well as the 'anatomy of an attack.'  I want to get to the
> nitty gritty and not have the same vague overview I get all the time.
> I really want to spend a solid week focusing on improving my toolkit.
>
> Do you feel like this course would be beneficial to me or should I
> hold off for something else.  (SANS, Foundstone, etc)