From: Rivest, Philippe (Rivestp@metro.ca)
Date: Wed Mar 05 2008 - 08:25:38 EST
I dont want to burst the bubble for CEH but I have it and I think it's almost worthless. They show you how to use a few hundread of tools for super specific things (like a tool that gets ONLY the emails from a web site, like a spider tool).
The sheer number of tools that is given in that 5 day training means that you don't understand or master any of them. Furthermore I have the feeling that we did not explore deep enough the technical part of ANY of these tools or technique.
To me, basically, this cert was 4.5k down the drain. It did help me get a new job, IT DOES help the moral and it helps figure out how good you already are (or not). But beside that, I think its not worth it for any experienced person (I was a low/intermediate security analyst).
Hope this helps save money or get a better ID.
-----Message d'origine-----
De : listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] De la part de Danux
Envoyé : mardi 4 mars 2008 12:28
À : 11ack3r
Cc : pen-test@securityfocus.com
Objet : Re: InfoSec certification EC/BackTrack?
You should seriously check Security 101 from BackTrack guys!!!!!
You said its risky but think about ISC2, CORE IMPACT and SAINT who has
support this excellent certification.
Finally its a hands on cert, you will learn how to create exploits nor
only use security tools like CEH!!!!
Cheers!!!!
On Tue, Mar 4, 2008 at 4:33 AM, 11ack3r <11ack3r@gmail.com> wrote:
> Hi List
>
> What would be a good certification for a newcomer to start a career in
> InfoSec? I've heard of CEH/ECSA/LPT but then I haven't had great
> review about it from the list. The place where we are SANS doesn't
> offer any course around. SANS Pen-Test course although is available on
> demand, it costs $3500 which is well too much for guys in my
> country... I've heard of something from Back Track guys.. looks
> promising... but risky too at the same time...
>
> what certification would be most rewarding to get a good job?
>
> Looking forward to your replies.
>
> Thanks
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
-- Danux, CISSP, OSCP, ISO27001 Offensive Security Consultant Macula Security Consulting Group www.macula-group.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:26 EDT