Home page logo
/

basics logo Security Basics mailing list archives

Re: CEH program and Sybex Study Guide
From: J Teddy <jteddylists () gmail com>
Date: Tue, 27 Sep 2011 10:02:38 +1000

In Addition
Offensive Security pen testing with backtrack linux
http://www.offensive-security.com/online-information-security-training/penetration-testing-backtrack/

I would only consider CEH if employers were asking for it.
My friend from Malaysia said that the CEH is like a license in which
you need to have to perform pen-testing.  Other than that SANS and
Offensive Security all the way.


On Tue, Sep 27, 2011 at 7:12 AM, Larry Marin <lmarin () accessgroup org> wrote:
SANS is #1  no question



Larry Marin CISSP; CISM; CRISC CEH; G7799; NSA IAM/IEM etc etcra
Information Security



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Tony Johnson
Sent: Monday, September 26, 2011 4:37 PM
To: security-basics () securityfocus com
Subject: RE: CEH program and Sybex Study Guide

What would be considered superior training. I hold the following Certifications. I am now focusing on security as my 
carrer. What are The best most infective courses from an operations prospective.

MCP,MCSA,MCSE,MCTS,MCTIP,VCP,CCNA,CIW,Project+

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gage Bystrom
Sent: Monday, September 26, 2011 1:00 PM
To: security-basics () securityfocus com
Subject: Re: CEH program and Sybex Study Guide

Can't say I have any to be honest. However I collect  study materials for various certifications and the likes to 
plan out what I may consider getting. Unfortunately only a few make that list since I am more of an independent 
learner. Most certifications are nothing but
shiny(maybe) pieces of paper to me.

In particular all of the resources I've collected on CEH, it is particularly noteworthy in the entire course can be 
summed up be reading whatever the latest core Hacking Exposed book is out at the moment.

While such information is critical for beginners it simply isn't enough in the practical world. It'll help land you 
the job, but unless the security is super low and susceptible to trivial attacks, it isn't enough to land you the 
"box".

I don't know how many security professionals hang out in areas where they come in contact with the underground(not 
talking carders here), but if you ask around and get a reply it becomes blazingly obvious that a lot of 
certifications are waay off when it comes to a realistic targeted attack. Simply because an authorized penetration 
tester doesn't have to worry about the same things a malicious attacker has to do. Pentesters can take shortcuts and 
are almost religiously taught such shortcuts in certifications, books, and methodology. These shortcuts WILL make you 
miss what a malicious attacker WON'T miss.

Hence if you're only training is coming from something like CEH, and your not heavily learning from far superior 
sources, then you will be sorely lacking when it is time to face the music, providing yet another embarrassment to 
the industry.

On Mon, Sep 26, 2011 at 12:40 PM, Hanson Coffie Kyeremeh <Hanson.Kyeremeh () vodafone com> wrote:
Hi Gage,
What certifications do you have?
Best Regards,
Hanson Coffie Kyeremeh
Network & OSS Security Manager
Vodafone Ghana
Cell:+233202001119

Sent from Vodafone BlackBerry® Smartphone

----- Original Message -----
From: listbounce () securityfocus com <listbounce () securityfocus com>
To: security-basics () securityfocus com
<security-basics () securityfocus com>
Sent: Mon Sep 26 19:28:59 2011
Subject: Re: CEH program and Sybex Study Guide

CEH is good for getting a job, not for knowledge. Any serious hacker
would laugh at the content CEH covers. I would advise only taking it
if you plan on heavily supplementing it with real knowledge.

On Mon, Sep 26, 2011 at 12:11 PM, gig <gigabit () satx rr com> wrote:
Alberto,

I've been through a week long CEH class taught by Global Knowledge.
The content was ok, but I was frustrated in that the instructor
couldn't talk about how to defend against these attacks.

Regardless, if you have an interest in hacking, yes, you should
pursue this certification...and yes, it will help you gain
credibility as an Information Security professional.

Since we don't know your knowledge or experience level, it's
difficult to know if this is best use of your time.......but the this
general statement will always hold true:

All things being equal, having certifications is better than not
having them.

Hope this helps you.


----- Original Message ----- From: "Alberto Medina"
<amedinaj () gmail com>
To: <security-basics () securityfocus com>
Sent: Saturday, September 24, 2011 1:59 PM
Subject: CEH program and Sybex Study Guide


Hi all,
I know maybe in this list you have talk a lot about CEH program, but
I want to know what do you really think about this program (CEH)? Is
this really useful to start in information security? And what do you
think about the Sybex Study Guide, by "Kimberly Grave"?
I do this question because a couple of years ago I took the CompTIA
Security+ exam and passed it, but I wanna to continue the preparation
Security+ in the
field of information security and Ethical hacking, and someone
recommended me the "Certified Ethical Hacker" certification as a good
way to continue the path, so a bought the Sybex Study Guide for the
exam, but I don't see a lot of difference between the content of
Security+ program and this one, I thought I'd find the CEH deeper in the subject than Security+ program.
In fact, I found this Sybex guide is not very actual, there's not any
mention to Windows 7 or even Vista, the tools mentioned are kind of
old, in the "cracking password" section they don't talk about rainbow
tables, only a littler mention; in the "backdoor" sections she (the
author) recommend adding an additional hard disk to the computer and
boot from there for protection using the backdoor she mention, or buy
a Windows netbook, but it's not better using a VM in for testing?
Anyway, I just want to know what you think about this program? If
not, what do you recommend for continue the path to Ethical Hacking
and Information Security.

Thank you and best regards,
Alberto Medina

(Excuse my English :) )


---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In
this guide we examine the importance of Apache-SSL and who needs an
SSL certificate.  We look at how SSL works, how it benefits your
company and how your customers can tell if a site is secure. You will
find out how to test, purchase, install and use a thawte Digital
Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1
---------------------------------------------------------------------
---



---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In
this guide we examine the importance of Apache-SSL and who needs an
SSL certificate.  We look at how SSL works, how it benefits your
company and how your customers can tell if a site is secure. You will
find out how to test, purchase, install and use a thawte Digital
Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1
---------------------------------------------------------------------
---



----------------------------------------------------------------------
-- Securing Apache Web Server with thawte Digital Certificate In this
guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it 
benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
42f727d1
----------------------------------------------------------------------
--



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]