You can try these instructions, they should work for you.

BillV

Hi Sarah,

Welcome to EH-Net

If you're wanting to do an online course, I would highly recommend considering the EC-Councils own iClass courses - http://www.eccouncil.org/iclass/. These are delivered by EC-Council Master Trainers and you surely will not get better CEH classroom/online training anywhere else.

If you decide that you'd like to go the self-study route, and don't want to miss out on the labs, then I would make recommend you purchase 2 things: 1 - the official CEH courseware (http://www.eccouncil.org/orders.htm) and 2 - the official CEH v5 Study Guide (CEH Study Guide on Amazon). With the courseware you'll get the lab manual and an overview of the entire course through the books. The study guide will prepare you for the exam based directly on the objectives.

Hope that's helpful.

BillV

Yes, I think you need to do more research and studying regarding exploits and how metasploit works.

I suggest you start here.

BillV

Sweet! Thanks for the post, Manu Will definitely be checking it out.

BillV

I agree with Jason. Just because it's not "commercial" doesn't mean you can't have a .com domain name. Certainly don't let that restrict you from choosing a name you like, if it's available.

There's your first problem. Run it under Linux.

I can't tell you what exploit to use, it depends on what your target is vulnerable to. As you've already figured out how to do, you can see which exploits will work against which targets.

Those 3 books are each excellent resources as well. The Official guide and the Prep Guide are both targeted at v5 while the ExamPrep book is for v4 (but still a great resource for v5).

Just because those are listed as targets, doesn't mean they're vulnerable... just what the exploit can attack.

Sounds like it's not vulnerable.

The only thing I can think of is the shipping cost and that there is no local distributor. I'm not quite sure exactly how many books are included in v6, but there were 3 plus a lab manual in v5 (making it quite heavy). Update when you receive a reply.

Bill

If you haven't already paid, or are curious to see if you can get it cheaper, I would send an email to info@eccouncil.org and see who your local/nearest distributor is. That may bring the price down, I'm not sure.

No, there is no headquarters there that I'm aware of there... just in the US and Malaysia.

BillV

Ridiculous, just absolutely ridiculous...

I like the part about "she's going public to inform others" ... who doesn't know about this?? lol

Oh and "it'll take 3 to 4 years to climb out of that debt" ... wonder what else she's involved in? 3-4 to gain some $400K back? wow

Wow, nice job, Ryan! What was the topic?

BillV

Haha! I was thinking the exact same thing... some good 'ol kung pao, general tso's or orange chicken and some fried rice sounds good to me!

I wouldn't bother with the CPTS.

For one, there will be too much overlap between what you're doing (CEH/OSCP) to make taking the CPTS worthwhile. The CPTS doesn't seem to include (at least from what I've seen listed on Mile2's website) any more information than what you'll gain from the CEH/OSCP. And second, I've yet to see anyone that a) knows about the CPTS, or b) is hiring and has the CPTS listed in their job posting.

I have taken both the CEH course and the OSCP course and there was a little bit of overlap, but the OSCP is more directly focused whereas the CEH is a much broader, overall perspective. As already pointed out, the CEH is more widely known but the OSCP has a more technical exam, rather than studying for and passing a multiple choice questions you actually have to do it.

A lot of the bad stuff you hear about the CEH comes from people that took it earlier on (v4 or earlier). The newest versions, 5 and 6, are significantly different in that the material has been updated to be more relevant. I can't speak first-hand for v6, but I do have v2 and v5 at home and have read through v4. The changes are quite dramatic. Unfortunately, EC-Council kind of messed that up and it's still hurting them today.

If anything, I would say that they complement each other very well. The OSCP basically covers what's missing in the CEH. While the CEH labs (v5) do have you work with some good tools, it still includes a lot of extra tools that you'll probably never use in the real world. But, as is the nature of the certification, it's meant to give you a good overall understanding. The OSCP gives you direct tools to use and the actual training videos are very well done and easy to follow/understand.

The follow-on courses to CEH (ECSA/LPT) are much more targeted directly using specific tools, a methodology and the business aspects of penetration testing (more comparable to the new SANS course SEC560).

Hope that helps.

BillV