Penetration Testing mailing list archives

RE: OSCP

From: "John Babio" <jbabio () po-box esu edu>
Date: Tue, 18 Nov 2008 07:34:41 -0500

SANS also has some pretty outstanding CERTS!

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Michael Condon
Sent: Monday, November 17, 2008 4:35 PM
To: me () abegetchell com; 'Craig Wilson'
Cc: pen-test () securityfocus com
Subject: Re: OSCP

I'm working on both, so I can get each perspective. I am already familiar 
with the CISSP fundamentals and mitigation techniques from managing 
datacenters and networks for years, but would also like to see the other 
side. Besides, the OSCP training is reasonably priced.

--------------------------------------------------
From: "Abe Getchell" <me () abegetchell com>
Sent: Monday, November 17, 2008 2:26 PM
To: "'Craig Wilson'" <cwilson () ppilearning com>
Cc: <pen-test () securityfocus com>
Subject: RE: OSCP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Do you really know how to protect information system resources if you 
don't understand the techniques used to penetrate the defensive mechanisms 
employed in these systems? Knowing your enemy and understanding the 
techniques and methodology that will be used against your critical assets 
are one of the most important pieces of knowledge you can posses as 
someone working in INFOSEC, IMHO.

That being said, both the OSCP and CISSP are great certs, but completely 
different and really can't be compared.

- --
Abe Getchell
me () abegetchell com
https://abegetchell.com/

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Craig Wilson
Sent: Monday, November 17, 2008 2:19 PM
To: chaitanya.sharma () gmail com; pen-test () securityfocus com
Subject: Re: OSCP

Hi,

OSCP is great for practical knowhow but I would rather employ a CISSP
anyday; why and how you would protect systems are much more important
than how you break in.  Its all very well knowing how to make a shell
run on a poorly configed machine but understanding defensive configs to
ensure the machine isn't in a position to be compromised are more
important IMHO.

Additionally I would ensure you have day to day experience and
knowledge of why you would advocate certain things in corporate
environments.

Craig

----- Original Message -----
Craig Wilson
Senior IT Network Administrator & Support Analyst
T. 0207 264 5113
M. 07899895510
F. 02072645101
E. cwilson () ppilearning com
W. http://www.ppilearning.com/
P Think Green - Please do not print this email unless you really need
to
http://www.ppilearning.com/promotions/winserver2008register.php

This email and any attachments are confidential information and solely
intended to be read by the email addressees above. If you inadvertently
receive this email, your access is unauthorised and you may not copy,
disclose, distribute or otherwise use this email and its contents. If
you have received this email in error, please inform us immediately at
mailto:SA () PPILearning com and delete all copies from your system. PPI
Learning Services accepts no legal liability for the contents of this
email including any errors, interception or interference, as internet
communications are not secure. Whilst PPI Learning Services and the
sender have taken every precaution to prevent transmission of computer
viruses, should this inadvertently occur we do not accept any
liability. Any offer or acceptance of a contract for goods or services
made in this email is subject to our standard terms and conditions
(available on request), unless other terms and conditions have been
agreed in writing between authorised signatories of the parties. PPI
Learning Services Limited. Registered Address: 3-5 Crutched Friars,
London, EC3N 2HR. Registered in United Kingdom Company Number 06008725

----- Original Message -----

From: listbounce () securityfocus com <listbounce () securityfocus com>
To: Penetration Testing (SecFocus) <pen-test () securityfocus com>
Sent: Mon Nov 17 07:24:33 2008Subject: Re: OSCP

Hi,

I am thinking of doing a certification and have short listed CISSP and
OSCP.  Which one would you suggest is good?  CISSP is widely accepted
and well known. OSCP is really good for getting hardcore experience,
but does it have the same recognition as CISSP?

On Thu, Nov 13, 2008 at 4:02 AM, Taras P. Ivashchenko
<naplanetu () gmail com> wrote:

Stephen, I took this course some months ago.

My opinion is that very good practical course and certification for

this

price.

On Mon, 2008-11-10 at 15:36 +1030, Stephen Argent wrote:

Hi there - just out of curiosity, has anyone here taken the

"Offensive

Security 101" course to receive the OSCP (Offensive Security

Certified

Professional)? I'm curious as to if it is a good course, if it is

run

well, and if it's worth the 500+ USD you pay for it. Thanks

--------------------------------------------------------------------

----

This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
--------------------------------------------------------------------

----

--
Тарас Иващенко (Taras Ivashchenko), OSCP
----
"Software is like sex: it's better when it's free." - Linus Torvalds




--
Regards,
Chaitanya

http://blog.chaitanyasharma.in




-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: UTF-8

wsBVAwUBSSHThRgR0SeaGdcAAQhGlAgAhVnauxNIqZPph6+PMXPFZkHbVaVUlw1j
AgWLl1IVJijTtoxWiz23fkCvv5YNkjSQVKfSVx+WB73E/eCnnVGILHqhcVb/tJRS
BNSLFCd12LovIaNZKYdIqnXYbJDB24Xu4YyhhphiL+3A4DRPRElmMqDyl0sLy6L4
6pxvd91h5IlmwiotklYyGfkhevfgNn5vHCHilek3Oh/0Sf43ysJD+4XUpInzpytH
FPpjBWGrJeJBqxvCGySKpMwb7N1ZibLBe0Gct7F0PaMFpdcPwuJk5JjVeYO8F+lY
h+UMYN7MKct5eonMXJeNUF8xL2TBjGrsap52wKLTBeWhnUk8/45EPw==
=zwju
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

Re: OSCP, (continued)
- - - Re: OSCP NeZa (Nov 12)
    - Message not available
    - Re: OSCP Stephen Argent (Nov 12)
- Re: OSCP Taras P. Ivashchenko (Nov 12)
  - Re: OSCP Chaitanya (Nov 17)
  - Message not available
    - Re: OSCP Taras P. Ivashchenko (Nov 18)
- Re: OSCP Craig Wilson (Nov 17)
  - RE: OSCP Abe Getchell (Nov 17)
    - Re: OSCP Michael Condon (Nov 17)
    - Re: OSCP Morning Wood (Nov 18)
    - Re: OSCP Robin Wood (Nov 18)
    - RE: OSCP John Babio (Nov 18)
    - Re: OSCP Chris Griffin (Nov 18)
    - Re: OSCP Pedro Drimel (Nov 17)
  - Re: OSCP J. Oquendo (Nov 17)
    - Re: OSCP Michael Condon (Nov 18)
    - Re: OSCP J. Oquendo (Nov 18)
  - Message not available
    - RE: OSCP Craig Wilson (Nov 18)
  - Re: OSCP acey deucey (Nov 18)
- Re: Re: OSCP prdiez (Nov 18)