Penetration Testing mailing list archives

Re: OPST vs CEH

From: Ben Nelson <lists () venom600 org>
Date: Mon, 09 Feb 2004 15:44:30 -0700

I would second Don's recommendation for the SANS training classes (andcertifications for that matter). The SANS courses are taught by somevery sharp people, and you'll learn a ton. Also, as Don pointed out,the training for me didn't even really begin until I began thecertification process, which was very intense.....a very good measure ofyour ability to grasp what the class was supposed to teach you.

I think the bottom line is that you'll probably gain some greatknowledge from any of the classes recommended, especially if you'venever taken any similar training before. It's all personal preference,but I'm convinced that the SANS training and certification process isone of the most thorough.


--Ben
Ben Nelson, GCFW

Don Parker wrote:

Hello Brian, did you actually bother to certify after taking whatever SANS training itwas that you took? The SANS training is among the best out there, however the challengestarts when you do the certification process. This has not only a difficult "practical"portion, but also two demanding exams. From what I have seen of the OSTMM and the CEHneither one of them measure up. The OSTMM does seem to offer business training as wellthough in addition to the other obvious training. Though I would say that is best leftto a place which actually specializes in business training such as a college.


Cheers

-------------------------------------------
Don Parker, GCIA
Intrusion Detection Specialist
Rigel Kent Security & Advisory Services Inc
www.rigelksecurity.com
ph :613.249.8340
fax:613.249.8319
--------------------------------------------

On Feb 6 , "Bartholomew, Brian J" <BartholomewBJ () state gov> wrote:

I have taken the CEH but not the OPST.  The CEH is kinda simplistic, and
pretty easy to pass.  I have not taken the OPST, however, I have heard that

it is much more in depth and more difficult to pass.

I do think the course designed with the CEH exam (I took one through Intense
school) is one of the better courses I have taken (in comparison with
Foundstone, SANS, etc.).  Those "other" courses are too mainstream and none

of them speak of the OSTMM except for the CEH oriented classes.

To sum it up...If you are looking for letters after your name and a good
base to start with, go for the CEH (it can't hurt).  If you want to take a
more detailed, OSTMM sponsored test, take the OPST.  What the hell, take
both if you really like a challenge :)

Brian J. Bartholomew
Bureau of Diplomatic Security
DS/SI/ACD SA-20 Special Programs
Ph: 571-345-2598
Cell: 202-369-6349
1801 North Lynn St.
Arlington, VA 22201


-----Original Message-----
From: circut () hackthisbox org [mailto:circut () hackthisbox org]
Sent: Friday, February 06, 2004 11:01 AM
To: kenzo
Cc: pen-test () securityfocus com
Subject: Re: OPST vs CEH



I've taken the CEH class. It's pretty good, but it focuses more on hacking
windows then it does linux or unix. The instructor and environment was
good though. They don't really talk too much in depth about buffer
overflows or privledge escalation on linux. But I think the class was
worth it. NEver taken any of those other tests.

                                                -circut

On Wed, 4 Feb 2004, kenzo wrote:

I'm thinking about taking one of these certs. OPST (OSSTMM PROFESSIONAL
SECURITY TESTER)
or CEH (certified ethical hacker)
I've read about the two, and they seem to be kind of the same thing.
I know that some people in here were talking about the opst, but what


about

the ceh?
Has anyone taking the CEH or both?
Please let me know.

thanks.


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

Current thread:

OPST vs CEH kenzo (Feb 05)
- Re: OPST vs CEH circut (Feb 06)
- <Possible follow-ups>
- RE: OPST vs CEH Matthew Stein (Feb 06)
- RE: OPST vs CEH Bartholomew, Brian J (Feb 06)
  - RE: Learning vs. Play Time Robert E. Lee (Feb 07)
    - RE: Learning vs. Play Time Clement Dupuis (Feb 12)
- RE: OPST vs CEH Don Parker (Feb 07)
  - Re: OPST vs CEH Ben Nelson (Feb 11)
- RE: OPST vs CEH Bartholomew, Brian J (Feb 11)
  - RE: OPST vs CEH wjnorth (Feb 12)
    - credentials & experience (was: Re: OPST vs CEH Meritt James (Feb 16)
  - Re: OPST vs CEH Patrick Prue (Feb 13)
    - RE: OPST vs CEH Pete Herzog (Feb 16)
- RE: OPST vs CEH Don Parker (Feb 12)
- RE: OPST vs CEH Don Parker (Feb 13)
  - RE: OPST vs CEH wjnorth (Feb 16)