Penetration Testing mailing list archives
RE: EC-Counsil (Book Review) Can we wrap this thread up?
From: "Owen, Matt" <Matt.Owen () dyncorp com>
Date: Mon, 30 Aug 2004 14:27:39 -0500
The books themselves for the EC-Council class are not bad. The booklet they put together and their PDF coursewear has numerous grammatical and spelling erros. Your experience in the class itself will all depend on if you have an instructor who is going to stick by the book, or someone who will bring the class up to date a bit on his own. Matt Owen -----Original Message----- From: Andy Cuff [mailto:lists () securitywizardry com] Sent: Monday, August 30, 2004 5:01 AM To: Wayne M Burke; randori .; pen-test () securityfocus com Subject: Re: EC-Counsil (Book Review) Can we wrap this thread up? Hi, I'm sorry, but it's the content I'd be buying such a book for, not it's presentation. My opinion would be different if it were a fictional novel. I've not read the book in question, therefore rate my comment accordingly, but I suspect the review is a little harsh. I don't think you can go far wrong with the Hacking Exposed books, which are good for technical reference. However, if it's a well written and presented book that doesn't require a wheelbarrow to move it, then Chris McNab's "Network Security Assessment" by O'Reilly is very good and not at all verbose. Reverting to the original thread, a course will allow you to hit the ground running in just a few days, though it will not make you a pen tester and you will need to consolidate the knowledge gained. Using a book allows you to tackle every method from the ground up, there will be no preinstalled software and you have to do it all yourself, the knowledge gained is much more useable and will remain in memory for longer (I'm getting old) However, there will be no instructor giving you the MOST important value added real world experience, or helping you with the new syntax for the latest version of sploit X, Y or Z And a course gives you subject submersion 0800-1800 and later. Personally I'm too easily distracted to give this kind of attention to personal study with a book. In summary I like courses, but they are not a panacea. Now back to my PRINCE2 study with a book that I can't motivate myself to open. Damn distractions, see what I mean ? -andy cuff Talisker's Computer Security Portal Computer Network Defence Ltd http://www.securitywizardry.com ----- Original Message ----- From: "Wayne M Burke" <wburke () secureye com> To: "randori ." <randori82 () hotmail com>; <pen-test () securityfocus com> Sent: Sunday, August 29, 2004 11:37 PM Subject: Re: EC-Counsil
This is what Amazon has as a review: "Reviewer: A reader The EC-Council calls itself a professional organization, but the
horrendous
grammatical and punctuation errors contained in this book cast serious
doubt
upon that claim. I found myself wondering if English is the first
language
of the author(s). Even the printing is awful, as on every page words
are
interrupted by empty "spa ce." I can't even address the content--I got
a
headache just trying to get the sentences to make sense, and finally
had to
give up. If so little attention is given to the presentation of the
facts,
how much confidence can I have that the facts themselves are correct?" ----- Original Message ----- From: "randori ." <randori82 () hotmail com> To: <pen-test () securityfocus com> Sent: Sunday, August 29, 2004 9:40 AM Subject: RE: EC-CounsilI know you can by the EC-Coucil CEH book at Barnes and Noble for 75
bucks.
It should give you a pretty good understanding of what the course
will
entail.
http://www.amazon.com/exec/obidos/tg/detail/-/0972936211/ref=wl_it_dp/10 3-8029621-6183802?%5Fencoding=UTF8&coliid=I2YT787IAISYN&v=glance&colid=2 1GEEQ4AL0BVL
If you're unsure, give that book a shot and then reasses. -AndreFrom: Chris Griffin <cgriffin () dcmindiana com> To: pen test <pen-test () securityfocus com> Subject: EC-Counsil Date: Tue, 24 Aug 2004 08:13:58 -0500 MIME-Version: 1.0 Received: from outgoing3.securityfocus.com ([205.206.231.27]) by mc11-f40.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Sat, 28
Aug
2004 06:08:11 -0700 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with
QMQPid
B655323729B; Tue, 24 Aug 2004 14:53:21 -0600 (MDT) Received: (qmail 1720 invoked from network); 24 Aug 2004 11:51:39
-0000
X-Message-Info: JGTYoYF78jEEceEcdwg904RM+b8DPEqt Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <pen-test.list-id.securityfocus.com> List-Post: <mailto:pen-test () securityfocus com> List-Help: <mailto:pen-test-help () securityfocus com> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com> Delivered-To: mailing list pen-test () securityfocus com Delivered-To: moderator for pen-test () securityfocus com Message-ID: <412B3F16.2060706 () dcmindiana com> User-Agent: Mozilla Thunderbird 0.6 (X11/20040819) X-Accept-Language: en-us, en X-Enigmail-Version: 0.83.6.0 X-Enigmail-Supports: pgp-inline, pgp-mime Return-Path: pen-test-return-1078475230-randori82=hotmail.com () securityfocus com X-OriginalArrivalTime: 28 Aug 2004 13:08:12.0049 (UTC) FILETIME=[12580010:01C48D00] List, I was looking to see if anyone had any exposure to ec counsil's CEHcourse.I have heard mixed views on the ec counsil, but nothing about their courses. I dont really care about getting a certification, but I wouldnt
mind
getting one also. My main concern is, learning quality stuff that I can put to use in
a
security career. As im sure everyone feels the same, I Dont want to drop my money on something that looks good, but really isnt going to help build knowledge. for a quick reference, here is a link to the exam/course I found http://www.mile2.com/certified_ethical_hacker_training_v3.html and http://www.eccouncil.org/CEH.htm Does anyone know if this is quality stuff, or is there something
out
therebetter? (A major factor to me looking at this was, I can find a class local
so I
dont have to travel) Regards, Chris-----------------------------------------------------------------------
----
---Ethical Hacking at the InfoSec Institute. All of our class sizes
are
guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hackingcourse,learn to write exploits and attack security infrastructure. Attend
a
coursetaught by an expert instructor with years of in-the-field pen
testing
experience in our state of the art hacking lab. Master the skills
of an
Ethical Hacker to better assess the security of your organization.http://www.infosecinstitute.com/courses/ethical_hacking_training.html-----------------------------------------------------------------------
----
----_________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from
McAfee(r)
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
------------------------------------------------------------------------ --
----Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend acoursetaught by an expert instructor with years of in-the-field pen
testing
experience in our state of the art hacking lab. Master the skills of
an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------ --
-----
------------------------------------------------------------------------ -- ----
Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of
an
Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------ -- -----
------------------------------------------------------------------------ ------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- RE: EC-Counsil (Book Review) Can we wrap this thread up? Owen, Matt (Aug 30)