Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.






Lost Password?
No account yet? Register
Who's Online
We have 45 guests online
 
Advertisement

You are here: Home
EH-Net
May 24, 2013, 08:31:44 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
  Home Help Calendar Login Register  
  Show Posts
Pages: [1] 2 3
1  Ethical Hacking Discussions and Related Certifications / General Certification / Re: IT Certication – Certificate Frame. on: October 12, 2009, 08:32:25 AM
I hang mine around my neck like Flavor Flav.  Then I put the logos in all my emails and letter head.  And I have copies in different frames, next to pictures of me, through out my office and house.  Depending on the conversation I start every sentance with "As a (Insert cert here - CISSP - CHFI, Sec+ETC) I see it like this...."

Ok I lied.  I really have no idea what happened to them after they came in the mail.
2  EH-Net / News Items and General Discussion About EH-Net / Re: Companies always take actions too late. on: May 22, 2009, 10:20:33 AM
so so so true.  I run into this every single day.  It makes no sense.  but really it is just ignorance.  If you dont understand the digital world it is hrd to understand the threat.  Most people think "I have no idea how to do that or why you would do that, so I bet prety much everyone else is in my shoes."  But those same people would never say "I like to leave my doors and windows open when I leave the house.  Ive never had an issue with burglary, so..."  that is because they can feel see and touch the issue.  I think:)
3  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Nmap show a lot of ports on: April 29, 2009, 12:38:15 PM
Ive seen this happen when scsanning an ISA box.  It showed almost all ports opened.  They were false positives that I think were due to how it was proxying.
4  Ethical Hacking Discussions and Related Certifications / CHFI - Computer Hacking Forensic Investigator / Re: Passed the C|HFI on: March 27, 2009, 01:16:18 PM
Thanks!  The good thing is the errors are very obvious:)  Overall it is fine.  I just like to gripe.
5  Ethical Hacking Discussions and Related Certifications / CHFI - Computer Hacking Forensic Investigator / Passed the C|HFI on: March 27, 2009, 11:00:45 AM
I just passed the CHFI and wanted to write out a couple general thoughts before I forgot them.

Study references:
The Official CHFI Study Guide from Syngress.
I took the 1 week class at New Horizons.  They loaded me up with 4 books.

Opinion on study guides and class:
If you have any security experience and understand it, I would go with the Syngress Study guide.  My company paid for the class (and I am very grateful for that.  It is a good company!), but you can pass without it.  Although the class did reinforce some major concepts and the discussions help out in the real world.  Overall I am glad I took it.   

The test:
The test isnt too hard.  But there is so much information it is difficult to understand how in depth it will be.  There will be questions that make no sense and that didn’t show up in any reference books.  Some are very “in depth” while some are surface and basic concept.  I found that the ones I didn’t recognize were easy to guess or logically eliminate the wrong answers.

What I liked about the experience:
I think it is a good balance of technical information (what certain logs mean, how to use certain tools) and administrative information(Chain of custody, laws etc). 

What I didn’t like:
The Syngress book and in the books handed out in class had so many factual, grammatical and logic errors it was almost difficult to read.  Even the sample tests that come with the book had errors.  The other thing that bothered me was the concentration on tools.  It seems like it should be more concept based with a couple tools.  Every reference book was page after page of tools.  I think the tools should be a side item.  It is great that they include them, but you should not be required to memorize a million shareware and pay tools when they change all the time. 
6  Ethical Hacking Discussions and Related Certifications / CHFI - Computer Hacking Forensic Investigator / Re: Added C|HFI to my Sig - Thanks to All on: March 09, 2009, 02:52:47 PM
what are your thoughts on the test?  I am taking it in about 2 or 3 weeks.  What did you do to prepare?

7  Ethical Hacking Discussions and Related Certifications / CHFI - Computer Hacking Forensic Investigator / Re: CHFI recently? on: March 05, 2009, 08:26:19 AM
I have not taken it yet.  I will be in a class on the week of the 16th.  then I think I will take it that friday or the following monday.  I will let you guy sknow ho wif went!
8  Ethical Hacking Discussions and Related Certifications / Malware / Re: So.... on: March 03, 2009, 01:02:22 PM
hmmm.  I have a "friend"Smiley that really put some thought into that.  Actually this friend thought about setting up a repository that all of these emails can be looked at and recorded...then sent a friendly example of an exploit.

But then I realized I would be breaking the law.  I lost my anger.  and then the reality of it sank in.  then it naturally goes to "why dont the cops do something like that?"  and all the arguments of boundries and ....ugh. 
9  Columns / Editor-In-Chief / Re: [Article]-DIY Career in Ethical Hacking: The R-Rated Version on: February 27, 2009, 03:11:58 PM
I enjoyed listening to this.  I listened while I was in traffic.  I really enjoy MP3s of this stuff to listen to while driving.  If only all of the study guides were like this.  I liked the stories and the idea of @%$it, just get out there and do it.  But my favorite part of the presentation is that you are not looking at is as a "punching the clock" JOB.  You seem to look at it as a grass roots way of life that you can happen to make money in.  so many folks base these conversations on how to wait for the right job, line youself up for the right position and all of the other variables that you may not have control over.  You seem to emphisise making it happen then letting those pieces fall together.

My grandfather also had a life changing affect on me.  He said "if you cant buy it, you cant afford it" damn he was ahead of his time:) And he said "just do what you love and I am sure you will make money at some point.  Unless you are horrible, then just do something you are OK at but dont suck at."
10  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Titles & Names on: February 27, 2009, 12:26:05 PM
I am officially going with "Bit Pimp"
11  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Titles & Names on: February 27, 2009, 10:07:23 AM
I know all fields suffer from identity issues.  No one that understands the nuance of any career can be satisfied with a simplified title.  But I don’t see it doing us any justice to just say we are techies, geeks or what ever just to get a simple point across.  But I truly believe we should have that simple thing that relates to ethical hacking/pen-testing or the whole security career with out a dissertation.  That would not only raise awareness but it would help with marketing and job growth.  

“So what do you do?”  
“I am a homicide detective”
“oh so your like an ethical murderer?”
“No! I just study them and understand them so I can help defend against them and help solve crimes.”
“But you probably do know how to kill someone and minimize the risk of getting caught, right?”
“Never mind.  I’m a cop.”

I know its apples and oranges in comparison to our world, but it isn’t too different.  I think there are so many psychological things going on here to.  So many of us are introverts.  So many of us go along with careers as long as we get to enjoy it and have fun.  But I really don’t want HR in charge of my career mold and public perception.

I may sound bitter about this, but I am not.  I just think it is really interesting to see an entire industry forming right under our nose.  What are the possibilities!  Exciting.  Were will it be in 20 years?  

Blah blah rant rant…ok I am off my soap box.
12  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: First Pen Test on: February 26, 2009, 09:45:35 AM
Here are two random thoughts Ive had about pen testing in general.  I think I spoke about them before…but oh well, you guys get what you pay for:)

One of the biggest things that can happen is to form a comfortable name for the profession with an identifiable purpose.  Meaning, if I talk about Hacking to my 10 year old nephew he thinks “cool, you get to be a clever bad guy!  Neat!”  And he knows exactly what that word means.  If I talk about security analysis or penetration testing his eyes glaze over and he giggles at the word penetration.  So what happens when you try to sell to a CEO and add words like Ethical Hacker.  It is just plain difficult to explain our world.  But if we had some type of easily identifiable person, organization or something that is identifiable in pop culture, it would be so much easier.  The mafia has Elliot Ness and the FBI.  Cops have Robbers.  Yin has Yang.  Hackers have “well were kinda like hackers, but don’t call us hackers we are info sec professionals and kinda….blah” 

And what does this have to do with this post?  Who knows…I just felt a rant coming along.  But one thing I think would be interesting is to set up a sales section that can define who needs what types of testing (PCI needs….HIPPA needs….), ideas and other things surround how to approach these companies.  And maybe even a reference part were companies that are doing research can find people they are looking for.  This site may already have these things, I just don’t remember seeing them…sorry if it is here:)
13  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: First Pen Test on: February 25, 2009, 04:23:50 PM
I think this is a good post.  All to often people dont like to explain the details of what they go through.  And sometimes the business side of it is shrouded in secrecy.  In reality, the profession is so new that ANYONE that can get out there and make some type of change, build process, get the word out, for a group (like this site) can change what pen testing will be like in 10 or 20 years.  Its all the little things.  Sharing honest info like this can help refine the profession that needs some serious refining:)
14  Ethical Hacking Discussions and Related Certifications / Programming / Re: Hey guyz am new here so i wana bcome a good hacker and wht are the basic i need 2 learn in progr on: February 25, 2009, 08:45:58 AM
Spelling and attention to detail is extremely important.
15  Ethical Hacking Discussions and Related Certifications / CHFI - Computer Hacking Forensic Investigator / CHFI recently? on: February 19, 2009, 10:12:17 AM
Has anyone taken the CHFI recently?  I am going to take a week long class then take the test.  I am wondering if anyone has any insight pertaining to difficulty, tone of the test or other general insight.

Thanks!
Pages: [1] 2 3
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com
Valid XHTML 1.0! Valid CSS!
Page created in 0.074 seconds with 21 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.