I have the mother of all the books:

TCP/IP Illustrated, 2nd edition

It is very comprehensive, it attacks all kind of subject, every chapter (eg TCP) talks about security, and the last chapter is only about security.
I have it, and it is the next book to read.

2012: finish OSCP, do mile2's DRCE and then study security architecture. Maybe I'll do SANS 501 (if company pays) or CISSP ISSAP.


2011: done the OSCP course and GWAPT. I read a lot of books, and I have many others on my shelf.
BTW, there is a new editin of TCP/IP illustrated. This a must read for any IT guy.

I plan to buy 10 hours of lab time. I know that thery are expensive compared to eLS or even OS*P. But, the best way of learning is by studying and doing.

In my opinion, if someone will go through the most of the labs he will be extremelly skilled. Also, consider the fact that the book is about 40$ plus 100 hours lab time is 740$. A lot, but a SANS course is more than 3000$.

I did SANS GWAPT, eLS and I have the book. Soon I will do a comparison between them.

I also think that paying by the hour will make you sweat more. 
Consider the following analogy: having a girfriend (pay monthly access) and "renting" a wh*re by the hour. In which case will you "give your best" and want the best ROI?? 

Good Luck!
Keep us informed about the changes.

Congratulation for the GWAPT!

Q: Is it similar to the practice exams??

If you are new to this field start with minimum necessary.

I would recommend to buy a lighter laptop (an used Lenovo or Dell with an Intel i5 will be perfect), with a big screen. Also buy one or two used servers that will host your targets. It will cost less and you will benefit more (you can even reuse the hardware later).

I recommend you a second monitor. I am using a desktop with dual monitors. Sometimes I use my laptop connected to a 24” 1920x1200 monitor. It is very good for the eyes, and you have a lot of workspace. I read somewhere that working on only a monitor is like eating on the table from the aeroplane, and I agree with this.

If you still want to go w only a laptop, a SSD is a must. You can have a Dell XPS, 17" 1080p, SSD, 8GB RAM for about 1500$.

If you have more money... invest them

@hayabusa

It is good that you took CSWAE and you'll review it.

I took CDRE (I hope they will accept it). If they do, I will review it for EH-net.

Good luck to all the students!

I really am sorry for you.
I can only imagine how much passion and effort is necessary to produce and administer a site like yours or EHNet.

In my personal opinion they are a bunch of idiots and ignorants. They are the kind of security specialists we are trying not to become.

I hope that you'll pass this moment and you'll create a better one.

@3xban
I am glad that I helped you.
For CISSP I recommend Shon Harris's book and cccure.org. The book is interesting and you'll find the site useful.

For CPTE you'll have to buy the lab guide, plus access to the war room (when you'll be ready). They will help you to better understand the subjects.

Good luck!

Me, I still didn't decided yet...

@3xban    If I were you I would go for CPTE

First, for CISSP you can buy the book (cca 50$) and you have to buy the exam anyway. Second, you'll have a redundant cert (CISSO and CISSP).

With CPTE you'll get a lot of hands on knowledge. Don't forget that the voucher is valid for one year, so when you'll get bored studying for CISSP you'll be able to see the videos from Mile2 and feel like a real security guy.

Just my 2 cents

They fixed the voucher and now it worths 800$.

In the same time I don't think that you'll have the student kit (450$ - printed workbooks, lab guide, the tools...)

Anyway, I don't know which course to choose : CPTE (I am doing OSCP), CSWAE (I am doing GWAPT and I plan to do some labs from WAHH2), I am CISSP, I am not a programmer, I don't want to know more about forensecs than I know now...

I was interested in the DR one, but it is not on the list, and I doubt that it goes deeper than CISSP and CISM does. Also they are mentioning that it is only theory.

What do you think? Which one will make a difference?

Thank You Very Much Don & Mile2!!!

I am thinking about doing the one about DR (if it is possible), but first I have to finninsh GWAPT and OSCP.

I hope that this training will give me more than theory.

So... I'll have a hot winter.

Congrats to the other winners.

I have both of them.

The commercial one will be better suited for the cases where you'll need the intruder. You will not need the scanner for the exercises, because you know what is the vulnerability.

Hi,

I have it and I am reading it right now, in order to help me better understand the material for GWAPT exam.

I can say that it is the best, and it has the advantage that you can pair it with prcatical labs created by the authors. The downsize is that the labs are quite expensive (7$/ hour), but it's cheaper than pay 4000$ for the SANS course.

For the begginers I recommend Elearnsecurity course first, and then build in its foundation using the book.

@TheXero I know that your background is good so you can start directly with the book.

Thanks again.

I will take more seriously the tagging. It is my first open book exam.

I give myself another month until the exam, so I have time to do it the right way. After tagging I will take a practice exam to see what I am missing.

Anyway, I am pretty scared by the exam