Full Disclosure mailing list archives
Re: Training & Certifications
From: Dave Aitel <dave () immunitysec com>
Date: Sat, 03 Apr 2004 18:56:44 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you want to learn how to write exploits, Immunity is doing a Windows Exploitation class Apr 29-30 in Manhattan. Feel free to email me if you'd like more information... Dave Aitel Immunity, Inc. Harlan Carvey wrote: |> I'm not an authority on training as the only training I've had is |> SANS, but I can vouch for the quality it. | | | Any particular instructors? I find it hard to believe that someone | who is an instructor at SANS would endorse tools like inzider. But | I do know other instructors that are pretty darned good...Jennifer | Kolde, for example. | |> ...when I see certain letters, I do pay closer attention. | | | Which ones? | |> I'll break the ice by starting with something facetious like |> "What is the first thing you do with a Windows box and the last |> thing you do with a *NIX box when you have trouble?" Answer: |> reboot. | | | I agree that would be a good way to break the ice, but from a | professional standpoint, I don't think it's a great idea. In the | real world, rebooting a Windows box isn't the first thing you | should be doing. I might be concerned that with such a question, | that might give the candidate an improper impression of how the | company conducts itself. | | The rest of your questions are good ones to ask, but again, for | Robert, I really think it depends on what sorts of services the | company plans to offer. | |> For sysadmins, I ask easier, more system specific questions, but |> for security I ask broad, tough questions because of the |> requirements of the field. I have only had one person so far, |> answer all correctly. | | | Keep in mind, though, that depending upon the questions, what's | 'right' may be subjective. | | _______________________________________________ Full-Disclosure - | We believe in it. Charter: | http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAb087zOrqAtg8JS8RAq6hAKClY2XtVLOhIP43GxKH3M8XhZxNWQCgjbaz mAG0+ZIP/GoxgghfhkaDC1Y= =cXa+ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Training & Certifications, (continued)
- Re: Training & Certifications Ron DuFresne (Apr 05)
- Re: [FD] Training & Certifications Andrew J Caines (Apr 05)
- Re: Training & Certifications Exibar (Apr 05)
- RE: Training & Certifications Laura Taylor (Apr 06)
- Re: Training & Certifications Exibar (Apr 06)
- RE: Training & Certifications Bojan Zdrnja (Apr 05)
- Re: Training & Certifications Valdis . Kletnieks (Apr 05)
- RE: [inbox] Re: Training & Certifications Exibar (Apr 05)
- Re: Training & Certifications Dave Aitel (Apr 03)
- RE: [inbox] Re: Training & Certifications Curt Purdy (Apr 04)
- Re: Training & Certifications John Sage (Apr 05)