Yeah I am aware of the associate of ISC2.

Why these two certs is because I need either one for credit for another course. I am not sure passing the exam and being an associate is sufficient for credit.

pure_hate has said that he only used 68 to speed things up in the vid, he posted in a thread 2 years ago on remote-exploits.org forum that you should use something more sensible.

I learnt java first because thats what they teach in universities nowadays.

If you wanted bang for buck you can't go wrong with python. Relatively easy to learn, the style is very consistent, used by hackers all over as a primary tool to develop new tools, you can easily meld it with C, develop modules for core impact/canvas, it is similar to ruby which is then useful for metasploit, google endorses it.

Btw awesec he says he lacks a foundation in programming

If I wanted to be an ethical hacker and needed to learn programming. I would do python first, then learn C, then learn assembly. I still believe assembly is still important if you want to seriously understand memory manipulation and how to write shellcode.

After reviewing your question again, I would also look into whether you are attacking the right web page for your router.

Money not a problem? Checkpoint.

Enterprise support? Check (for management's peace of mind)
Multiplatform compatible? Check (for ease of deployment)
Centralised management facility? Check (for your piece of mind)
Lots of information on the net to research pros and cons? Check (so you can find out wtf you are buying beforehand)

I don't work for Checkpoint nor normally bother to endorse their products.

For some odd reasons I have to choose between this and CISSP (don't qualify for the experience yet, need another year).

The most annoying thing about this cert is the lack of alternative training material. Its kinda like the ECSA, if you want to do it you have to get the official training material basically or attend a course

I plan on getting both.

I think all the right points have already been stated but I'll just say my view on things.

When it comes to certifications vs degrees I look at ROI, time required (which is a component on ROI anyway...) and what opportunities it is likely to open up for me.

A case in point when I was younger I dropped out of Uni. It didn't actually hurt my chances of getting into an IT job, largely because in my country degrees don't mean a whole lot when it comes to infrastructure implementation and support. However I am past the stage of being new in IT, proven my mettle of being able to handle difficult tasks and I want harder challenges (work for an enterprise!) but I know I am not going to get those opportunities without a degree.

So while I got my foot into IT with a fist full of certs and a burning passion which was evident in my eyes. I am now facing a glass ceiling. One which can only be broken by putting in years of experience on my CV, so that I can get past HR and get an opportunity to speak face to face. I am hoping a degree will be more time efficient for me instead.

Luckily enough I want to get into security and in my country, there are enough oldschool geeks who don't have degrees who still run the security scene here. However I want to travel and I understand that this is not how it works in other countries and therefore a degree can be very important.

In the end the deal breaker for me before I do any educational content is this.

A) Is it fun? If it is, I want to do it regardless
B) Is there an immediate opportunity or reward that I can leverage upon getting it. I'm not talking about I may get a raise, or I may get a promotion, or I may get a better job. I'm talking you get the cert and you get that raise, promotion, better job.
C) Is the degree/cert something to be proud of? I'm VCP #51337. When I got my VCP number I though it was l33t.

here is a snippet of the code


It means that basically hydra is unable to open a connection to whatever you are telling it to connect. You should verify that http-get is the correct authentication method you should use.

The CTP prize would be awesome!

Using core on OS101 was fun, but largely useless as a learning tool for pentesting...

Time to update my courseware ^_^

If you work for a cisco partner, PEC

Hi,

I'm thinking of the future and I'm thinking about doing these certs. (I still have a plethora of other certs lined up so yeah it'll be a while...)

What do people think about these courses in terms of adding value to ethical hacking?

Any firsthand experiences here?

I sat my RHCT almost 3 years ago. It is the only exam in my entire life which I passed with a score of 100%.

It was completely practical based, I stayed up until 3am in the morning running over the lab routines over and over to drill it into my head.

I learnt a lot and it basically setup an appreciation for all flavours of unix derivatives.

It also meant that when I did OCSP I dived straight into it without having any hiccups due to incomplete understanding of linux.

I would like to do RHCE but with so many other certs lined up I dunno if I will ever have time.

What I would like to know is how sophisticated their techniques are and whether they have developed any new techniques.