Home page logo

pen-test logo Penetration Testing mailing list archives

Ethical Hacking Training
From: "Daryl Davis" <daryl () wcgmi com>
Date: Tue, 20 Jan 2004 10:16:28 -0800

Hash: SHA1

2ccs from me, 
First, you never learn anything in school.  You are taught the
basics, it is then up to you to go and learn how to use them, and
become advanced.  It is like someone who goes to school to become a
programmer, you are not a programmer when you leave the school, you
just know some syntax.  

Daryl R Davis
West Coast Game Management Inc. 

-----Original Message-----
From: Mike Hoskins [mailto:mike () adept org] 
Sent: Monday, January 19, 2004 2:24 PM
To: pen-test () securityfocus com
Subject: Re: Ethical Hacking Training

Don Parker wrote:
These courses are giving people unrealistic expectations of 
what they 
will know after one
of these 1 week courses. Nothing wrong with trying to make 
a dollar, but one should be 
honest as well in the process. It is doing a great 
disservice to the industry as a whole 
to make people think that they will be a "hacker" after a 1 
week course. It should be 
clearly stated that these courses are but an introduction 
into the world of the true 
hacker. It will be up to the student to make of it what 
they will, and then build upon it. 
Showing people what "Ethical Hacking" is all about is a 
laudable goal. The thing is we 
must not forget our own ethics along the way to doing so in 
pursuit of the almight dollar.

i agree with what you are saying, but let's be honest...  if 
someone is 
actually dense enough to think they'll be a "hacker" after a one
week  course, only half of which (if you're lucky) is actual
"hands-on" lab  time...  well, let's just say they'll probably
actually be happy to  "learn" how to use a port scanner.

Sorry for the rant folks, but this hits a sore spot for me.


if you're a CISSP+whatever with 10+ years of industry 
experience...  why 
would you bother with such a course to begin with?  or even 
think about 
it?  by then, you know the only way you learn in life is hard work.
 reading, brute force, lots of lab time...  there is no "one week" 
answer.  so it would seem to me that these "ethical hacking"
courses,  which many seem to feel are lacking in content, should
be seen as "but an introduction".  advertising claims may 
make it less 
obvious, as is often the case, but most people in our industry will
 already have learned to read marketing brochures with their 
firmly attached.


Version: PGP 8.0.2


Attachment: Daryl R Davis (daryl@wcgmi.com).vcf


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]