Re: Ethical Hacking Training

[Mike Hoskins <mike () adept org>]

Don Parker wrote:
> These courses are giving people unrealistic expectations of what they will know after one 
> of these 1 week courses. Nothing wrong with trying to make a dollar, but one should be 
> honest as well in the process. It is doing a great disservice to the industry as a whole 
> to make people think that they will be a "hacker" after a 1 week course. It should be 
> clearly stated that these courses are but an introduction into the world of the true 
> hacker. It will be up to the student to make of it what they will, and then build upon it. 
> Showing people what "Ethical Hacking" is all about is a laudable goal. The thing is we 
> must not forget our own ethics along the way to doing so in pursuit of the almight dollar.

i agree with what you are saying, but let's be honest...  if someone is 
actually dense enough to think they'll be a "hacker" after a one week 
course, only half of which (if you're lucky) is actual "hands-on" lab 
time...  well, let's just say they'll probably actually be happy to 
"learn" how to use a port scanner.

> Sorry for the rant folks, but this hits a sore spot for me. 

ditto.

if you're a CISSP+whatever with 10+ years of industry experience...  why 
would you bother with such a course to begin with?  or even think about 
it?  by then, you know the only way you learn in life is hard work. 
reading, brute force, lots of lab time...  there is no "one week" 
answer.  so it would seem to me that these "ethical hacking" courses, 
which many seem to feel are lacking in content, should quite obviously 
be seen as "but an introduction".  advertising claims may make it less 
obvious, as is often the case, but most people in our industry will 
already have learned to read marketing brochures with their spin-goggles 
firmly attached.


---------------------------------------------------------------------------
----------------------------------------------------------------------------