Penetration Testing mailing list archives
Re: Ethical Hacking Training
From: Kevin Johnson <kjohnson () secureideas net>
Date: Mon, 19 Jan 2004 20:01:12 -0500
On Mon, 2004-01-19 at 13:05, Don Parker wrote:
I fully agree that to defend one *must* know how to attack. I too often hear some of my peers say how ,such and such, attack is very script kiddiesh. My usual retort to that is "do you know how to do it?". Most network security people I know have no concept on how to use an exploit, and invoke it let alone code one. Sending someone on an "Ethical Hacking" course can fill most of these gaps in. As I have already stated though the student must come to one of these courses with a certain amount of knowledge before hand or the money is wasted. Prerequisites for such courses must be clearly laid out in the course marketting imho. Cheers ------------------------------------------- Don Parker, GCIA
Hi- I think one of the things to remember is what the term means, not necessarily how people use it. When I tell some one that I am considered an ethical hacker. I am saying that I test the security posture of a company. This may include actually "hacking" into their systems or just assessing their policies. But no matter what is included, I also include a remediation report. This ensures that not only are they told what the problems are, they are also told how to fix it. I understand the need for Ethical Hacker training. If I didn't know how to get in, how could I honestly tell them how to keep me out? Kevin Johnson --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Ethical Hacking Training, (continued)
- RE: Ethical Hacking Training Rob Shein (Jan 20)
- Re: Ethical Hacking Training Don Parker (Jan 18)
- RE: Ethical Hacking Training Pete Herzog (Jan 19)
- Re: Ethical Hacking Training Mike Hoskins (Jan 20)
- RE: Ethical Hacking Training Teicher, Mark (Mark) (Jan 19)
- RE: Ethical Hacking Training DeGennaro, Gregory (Jan 19)
- Re: Ethical Hacking Training Meritt James (Jan 19)
- Re: Ethical Hacking Training Stormwalker (Jan 20)
- RE: Ethical Hacking Training Kurt (Jan 20)
- Re: Ethical Hacking Training Meritt James (Jan 19)
- Re: Ethical Hacking Training Don Parker (Jan 19)
- Re: Ethical Hacking Training Kevin Johnson (Jan 20)
- RE: Ethical Hacking Training Don Parker (Jan 19)
- RE: Ethical Hacking Training S. Thomas (Jan 20)
- RE: Ethical Hacking Training DeGennaro, Gregory (Jan 20)
- Re: Ethical Hacking Training Hamish webhosting.net.nz (Jan 20)
- Ethical Hacking Training Daryl Davis (Jan 20)
- Re: Ethical Hacking Training Jeff Shawgo (Jan 20)
- Re: Ethical Hacking Training Chris Kirschke (Jan 20)
- RE: Ethical Hacking Training Kohlenberg, Toby (Jan 20)
- RE: Ethical Hacking Training Don Parker (Jan 20)