Firewall Wizards mailing list archives
Re: Extreme Hacking
From: Vanja Hrustic <vanja () siamrelay com>
Date: Tue, 06 Jul 1999 06:53:31 +0700
At 07:06 PM 7/1/99 +0200, Kunz, Peter wrote:
Folks, Ernst & young made headlines in TIME when they offered the first run fo their Extreme Hacking course. 5 days of Unix and NT hacking, with a CD to take home. The participants are somewhat screend by having to be referenced by local the local EY office. Recently, I was told attendees learn new exploits and hacks that we will probably only see out in the open in 1-2 years. IBM seems to maintain a database with similar information, accessible
So, does it mean that E&Y are not reporting the vulnerabilities to the vendors? I can hardly imagine an 'exploit' and a 'hack' that we won't see open in 1-2 years, and someone is using it (and TEACHING) now. At the end, the people who are 'inventing' the techniques and finding exploits are not always from security or consulting companies.
by only a few pros. So, the question arises: what other companies have such DBs? What are they worth? And the real issue: is there anything in there you won't find on Bugtraq? After all, EY charges about $4.5K for 5 days.
Is there something like "30-day moneyback guarantee" if student is not satisfied!? ;) One thing remains very unclear - "pro". What is "pro"? If you work in "Just Started Security & Co. Ltd." but other guys work in E&Y or IBM - does it make them 'pros' and you are an 'amateur'? I also don't think that in 5 days you can really become a "pro" either... No matter how good teachers you have. Computer security business is still a big risk. You can pay a lot and get nothing, you can pay a lot and get lot - but you might also pay nothing and get lot. Gamble ;) Vanja
Current thread:
- Re: Extreme Hacking, (continued)
- Re: Extreme Hacking Craig H. Rowland (Jul 06)
- Re: Extreme Hacking Crispin Cowan (Jul 08)
- Re: Extreme Hacking Craig H. Rowland (Jul 09)
- Vulnerability Escrow (was: Extreme Hacking) Crispin Cowan (Jul 09)
- Re: Extreme Hacking Joseph S D Yao (Jul 12)
- Re: Extreme Hacking Craig H. Rowland (Jul 12)
- Re: Extreme Hacking Craig H. Rowland (Jul 06)
- Re: Extreme Hacking Vanja Hrustic (Jul 09)
- Re: Extreme Hacking Marcus J. Ranum (Jul 12)
- Re: Extreme Hacking Jody C. Patilla (Jul 07)
- Re: Extreme Hacking Rafi Sadowsky (Jul 09)
- Re: Extreme Hacking Darren Reed (Jul 12)
- Re: Extreme Hacking Darren Reed (Jul 08)
- Re: Extreme Hacking Brad J Passwaters (Jul 12)
- Re: Extreme Hacking Darren Reed (Jul 12)