Penetration Testing mailing list archives
Re: CEH and Intense School
From: "Bilal Dar" <bilal () it-pro net>
Date: Fri, 7 Nov 2003 14:46:56 +0300
Hi everyone, I find you people lucky that you can attend such courses, i know they cant make anyone hacker but atleast they can put you on the rite track. I always wanted to know more about security or in other words how you can hack someone. For that i took CS majors, i knew it wasnt of much use so i started taking netwoking courses. Started working with linux did a lot of certifications mcse,ccna,ccnp even half way to ccie. But this was not i really wanted, i still did not know much about hacking. Then i took elearning courses from sans that gave me more information than i gathered in my last 4 yrs. Even that didnt help me much because i was not able to find most of the tools. Now recently i asked my manager to patch all the systems caz they might get hacked, he didnt believe me. He asked me to hack one of them and then he will consider doing that. I cudnt hack so i just got my laptop infected with blaster worm connected it on my LAN and when computers started rebooting he agreed. In short i couldnt achive what i wanted in 5 yrs, even though i worked hard on it. The course from SANS "hacker techniques, exploits and incident handling" gave me more information than what i have gathered in all these years but still it was not enuff. I think you just need to get in the rite direction and be with the rite community on net where you can share information. Regards Bilal Dar. ----- Original Message ----- From: "Peter Mercer" <inom () ozemail com au> To: "'Andrew Turner'" <andrewhturner () yahoo com>; "Penetration Testers" <PEN-TEST () SECURITYFOCUS COM> Sent: Friday, November 07, 2003 1:19 AM Subject: RE: CEH and Intense School
Hi Andrew, A few questions to find out about Ethical Hacking courses; Q-What's covered over the course Remember most courses are +- 4 - 5k, that's good money, make the sales man do his job and explain, ask for references from past attendees. Q-How many times has this course been delivered You want more than 4 to know the bugs are ironed out in labs and so on. Q-What equipment do I get to use. You don't want to be stuck with a p2 300 laptop with 64 megs. Q-How many and what do the lab consist of If it's a 5 day course you would want 4 - 5 labs of a reasonable duration and complexity (not just one box with Unicode) or it may be death by PPT Q-Do the labs have multiple OS and applications that need exploiting. Your there for as much experience as you can get Q-How old are the patch levels on the lab boxes If they are using NT4 sp 1 and Redhat 5.3 you are not going to learn stuff you can use a lot every day. That said even old exploits can teach you the mindset you need to use new exploits. Q-Is there a Firewalls involved in the lab. Once again you want experience, if the course developer has gone to the trouble to configs and design labs that have multiple technologies and made a hack that needs you to bounce around all of them, you can believe the course is well thought out. Q-In the course how much is different or not in the Hacking Exposed book. Foundstone have not only been writing books for years on hacking, that everybody consults at some stage but have also been teaching for as long or longer. So I would want to know how they differentiate themselves from other courses or what's is in the book. Remember the book only costs $50. Q-What tools do you use on the course and do I get a CDrom with them all on at the end of the course If they show you all the tools they have personally written and wont share them or the ones they use cost gazillions to buy that may limit how useful the course is. Q-how much time is spent on automated vulnerability scanners (AVS) Your not there to learn to point and click. AVS have there place but knowing how to do it yourself is why you are there. Q-What's for lunch Q-Is the t-shirt cool This is just a few questions I would ask. Kind regards Peter Mercer (look no alpherbet soup) 92487000 0419892600 -----Original Message----- From: Andrew Turner [mailto:andrewhturner () yahoo com] Sent: Thursday, November 06, 2003 12:47 AM To: pen-test () securityfocus com Subject: CEH and Intense School Greetings, I am considering taking the Ethical Hacking course tought by Intense School. Has anyone had experience with this training program? If so, I would be very interested in hearing your comments on the program. Thanks in Advance! -- Andrew H. Turner, CISSP __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree ------------------------------------------------------------------------ --- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------
-
Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ----------------------------------------------------------------------------
Current thread:
- CEH and Intense School Andrew Turner (Nov 06)
- Re: CEH and Intense School Jeremiah Cornelius (Nov 06)
- RE: CEH and Intense School Tony Brown (Nov 06)
- RE: CEH and Intense School Ed Vazquez (Nov 06)
- RE: CEH and Intense School Robert E. Lee (Nov 07)
- RE : CEH and Intense School guy d (Nov 07)
- RE: CEH and Intense School Ed Vazquez (Nov 06)
- Re: CEH and Intense School Byron Sonne (Nov 06)
- RE: CEH and Intense School Peter Mercer (Nov 06)
- Re: CEH and Intense School Bilal Dar (Nov 07)
- <Possible follow-ups>
- RE: CEH and Intense School Wade Winright (Nov 06)
- Re: CEH and Intense School jvfields (Nov 06)
- RE: CEH and Intense School Chuck Herrin, CISSP, MCSE (Nov 06)
- RE: CEH and Intense School Erik Birkholz (Nov 06)
- RE: CEH and Intense School Erik Birkholz (Nov 07)
- RE: CEH and Intense School Peter Mercer (Nov 09)
- RE: CEH and Intense School Martin Dion (Nov 07)
- RE: CEH and Intense School Bartholomew, Brian J (Nov 07)
- Re: CEH and Intense School James Fields (Nov 09)
- RE: CEH and Intense School Pete Herzog (Nov 12)
- Re: CEH and Intense School James Fields (Nov 09)
(Thread continues...)