RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE)

From: Shahin Ansari (zohal52@yahoo.com)
Date: Thu Jul 27 2006 - 09:38:34 EDT


I respectfully disagree with your view. Presenting a
paper is very nice, but it represents a person's
knowledge in a narrow area, which is usually not very
helpful in work environment. If you are hiring manager
for a noc, you don't need someone who can speak on
let's say PKI for 1/2 hour. You need someone is has a
broad knowledge of routing, and knows commands for the
paltform your network uses, and as such I think
Certification is good. I agree that it has become a
way to make money and I don't appreciate that. I like
to have a very imprtial view of vendors, but I think
Cisco does an excellent job of documenting what
someone needs to know to be effective in market.
Further, I think ppl who pass an exam ( not cheating )
but pass it without hands on, definately deserve a
shot at a position. Although they may struggle, I
think passing an exam which you do not have equipment
for shows character.

Sean

--- "Graves, Jamie" <j.graves@napier.ac.uk> wrote:

> Hello,
>
> Funny that this should come up; Bruce Schneier
> covers this to a certain
> degree in the following article:
>
>
http://informationsecurity.techtarget.com/magLogin/1,291245,sid42_gci119
> 6098,00.html
>
> - Jamie
>
> -----Original Message-----
> From: Robert E. Lee [mailto:robert@dyadsecurity.com]
>
> Sent: 27 July 2006 11:40
> To: shreyas@technitium.com
> Cc: shreyasonline@yahoo.com; slamboy@gmail.com;
> pen-test@securityfocus.com
> Subject: Hacker Stories, Certs, vs Projects - Was
> Re: Technitium MAC
> Address Changer v3.1 (FREEWARE)
>
> The "practical application" portion of the CISCO
> CCIE certification is
> why organizations can trust the CCIE job applicant
> can serve a useful
> cisco networking function in their organization. Any
> certification that
> fails to measure the candidates actual ability to
> perform a useful
> function in the subject of the certification is
> useless (ala CEH, CISSP,
> CISA, CISM, which can all be passed with 0 years of
> experience). To the
> best of my knowledge about the current infosec
> certs, ISECOM's OPST
> (www.opst.org) and OPSA (www.opsa.org) come the
> closest to fulfilling
> the the practical measurement requirement. For what
> it's worth, we would
> not consider hiring a candidate who advertised that
> they have a CEH
> certification.
>
> If you want to stand out in an interview, perform a
> useful function that
> your peers respect you for. Presenting your ideas at
> conferences or
> contributing to computer security research papers
> and projects will get
> you a lot more credibility in a job interview than
> "hacking stories" or
> "hacker certifications". There are a lot of
> projects to choose from.
> If none of them excite you, start your own. ;)
>
> Robert
>
> --
> Robert E. Lee
> Chief Information Officer
> http://www.dyadsecurity.com
>
> phone: (949) 394-2033
> fax : (949) 486-6601
> email: robert@dyadsecurity.com
>
>
------------------------------------------------------------------------
> ------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only
> one to win the
> Analyst's
> Choice Award from eWeek. As attacks through web
> applications continue to
> rise,
> you need to proactively protect your applications
> from hackers. Cenzic
> has the
> most comprehensive solutions to meet your
> application security
> penetration
> testing and vulnerability management needs. You have
> an option to go
> with a
> managed service (Cenzic ClickToSecure) or an
> enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how
> a managed service
> can
> help you:
> http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit
> for you to confirm
> your
> results from other product. Contact us at
> request@cenzic.com for
> details.
>
------------------------------------------------------------------------
> ------
>
> This message is intended for the addressee(s) only
> and should not be read, copied or disclosed to
> anyone else outwith the University without the
> permission of the sender.
> It is your responsibility to ensure that this
> message and any attachments are scanned for viruses
> or other defects. Napier University does not accept
> liability for any loss
> or damage which may result from this email or any
> attachment, or for errors or omissions arising after
> it was sent. Email is not a secure medium. Email
> entering the
> University's system is subject to routine monitoring
> and filtering by the University.
>
>
------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only
> one to win the Analyst's
> Choice Award from eWeek. As attacks through web
> applications continue to rise,
> you need to proactively protect your applications
> from hackers. Cenzic has the
> most comprehensive solutions to meet your
> application security penetration
> testing and vulnerability management needs. You have
> an option to go with a
> managed service (Cenzic ClickToSecure) or an
> enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how
> a managed service can
> help you:
> http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit
> for you to confirm your
> results from other product. Contact us at
> request@cenzic.com for details.
>
------------------------------------------------------------------------------
>
>

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:25 EDT