Re: CEH Course - Your thoughts?

["Eric Starace" <gpz1100.rider () gmail com>]

I have sent a few people through CEH and have been told by each it is
not worth the money.  Covers tools vice methodolgy.

I'm currently taking the BackTrack to the Max course from "Offensive
Security".  I'm only in the first day and so far it is great.  Have no
doubts that it will be far better than CEH and the Foundstone courses.

This is an advanced course but offensive-security also offers the
"Offensive Security 101" course both online and classroom based.  With
both courses they also offer 30 or 60 day access to a lab environment.
 The instructor shows you some great examples then expects you to
replicate the concepts learned without following a scripted lesson,
they want you to apply what was taught to different environments.

Although the price can be steep compared to some courses this one is
worth the money and time.  Try the online Offensive Security 101
first, the cost is fairly cheap at $700 that includes 60 days of lab
time.

Just my thoughts,

Eric

On Mon, Aug 25, 2008 at 4:38 PM, NeZa <danuxx () gmail com> wrote:
> I Agree,
>
> CISSP and CEH are 2 different things, and i am not talking about which
> one is better, just the scope of them.
>
> CISSP is for Management Security without any technical issues as CEH.
> That's why i told at the beginning that the right comparison against
> CEH is OSCP from offensive security.
>
> On Mon, Aug 25, 2008 at 11:33 AM, David Harley <david.a.harley () gmail com> wrote:
> > I don't think CISSP is what the original poster is actually looking for:
> > it's not exactly hands-on. Besides, a year's experience isn't enough to meet
> > the (ISC)2 requirements. I'd suggest one of the SANS certs, if the budget
> > allows.
> >
> > --
> > David Harley BA CISSP FBCS CITP
> > Director of Malware Intelligence
> > ESET LLC
> >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com
> > > [mailto:listbounce () securityfocus com] On Behalf Of Eddy Alexandre
> > > Sent: 23 August 2008 04:54
> > > To: asilvano () vicop net; lifeisnotamalfunction () googlemail com;
> > > security-basics () securityfocus com
> > > Subject: Re: CEH Course - Your thoughts?
> > >
> > > Although I took the CEH training, I would argue that the
> > > CISSP is the way to go.
> > > The SANS might be a show stopper for a small training budget...
> > > Just my 2 cents.
> > > Kind regards,
> > >
> > > *** Please note the new address below***
> > >
> > > Eddy Alexandre
> > > Dir. Information Technology
> > > Niche Media
> > > 100 church street, 7th Floor
> > > New York, NY 10007
> > > P: (646) 835-5244
> > > C: (917) 225-9272
> > > F: (212) 533-6326
> > > Fax: (800)-671-5695
> > > Helpdesk: (646) 839-1733  Ext.333
> > > eddy.alexandre () nichemediallc com
> > > www.nichemediallc.com
> > > Art Basel Miami Beach | Aspen Peak | Atlanta Peach | Bal
> > > Harbour | Boston Common | Bridgehampton Polo | Capitol File |
> > > CityCenter Las Vegas | Florida InsideOut | Gotham | Hamptons
> > > | Los Angeles Confidential | Michigan Avenue | Ocean Drive |
> > > Ocean Drive Español |Philadelphia Style | Style: Palazzo/The
> > > Venetian | Trump | Vegas | Wynn
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: listbounce () securityfocus com <listbounce () securityfocus com>
> > > To: 'J5' <lifeisnotamalfunction () googlemail com>;
> > > 'security-basics' <security-basics () securityfocus com>
> > > Cc: 'security-basics' <security-basics () securityfocus com>
> > > Sent: Thu Aug 21 21:54:30 2008
> > > Subject: RE: CEH Course - Your thoughts?
> > >
> > > If you dont have problem with budget, go for SANS training
> > > (GCIH or GPen) instead of CEH.
> > >
> > > Cheers,
> > > Ardian Silvano
> > >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com
> > > [mailto:listbounce () securityfocus com] On Behalf Of J5
> > > Sent: Friday, August 22, 2008 3:55 AM
> > > To: security-basics
> > > Subject: CEH Course - Your thoughts?
> > >
> > > I will be rounding up my first year as a security analyst
> > > soon and my company has offered to send me to a CEH course
> > > taught by Dan Garfield and it is held by IT Training
> > > Solutions.  This is the new v6 course.
> > >
> > > I feel very comfortable with locating vulnerabilities on the
> > > network and exploitation methodologies.  I do penetration
> > > testing on my job, but it is a very small part of my daily
> > > activities. I see many tools listed in the description that I
> > > just haven't had the time to go hands on with.... and some I
> > > use extensively.
> > >
> > > I would like to ask anyone who has attended one of these 5
> > > day courses to reply with their experiences.  I am looking
> > > for a lab based environment to experiment with tools I
> > > haven't had the opportunity to use.  I am already ingrained
> > > with CIA, AAA & management aspects of infosec as well as the
> > > 'anatomy of an attack.'  I want to get to the nitty gritty
> > > and not have the same vague overview I get all the time.
> > > I really want to spend a solid week focusing on improving my toolkit.
> > >
> > > Do you feel like this course would be beneficial to me or
> > > should I hold off for something else.  (SANS, Foundstone, etc)
> > >
> > > __________ NOD32 3315 (20080731) Information __________
> > >
> > > This message was checked by NOD32 antivirus system.
> > > http://www.eset.com
>
>
>
> --
> Daniel Regalado aka NeZa
> Hacker Wanna Be from Nezahualcoyotl
>
> www.macula-group.com



--
Eric