This one looks a bit dead. I have made it the last 4 years. It is so much better than that Vegas crawl. Went to that years ago and now it is just way to many people. These guys limit the number that can attend. It get a bit interesting at ticket time. However the information and the party are always worth the effort. I was there last year and it was over 30 inches of snow. Barely got out of DC. Although that is in the past now and this year is about here. A friend who was at Shmoo last year in the snow, went to Toor this year. I am guess the snow is San diego will not be too bad for him.

Just checking. Got a friend out there. Could not make it myself. I have made the Shmoo last 4 yrs and about time to start thinking about that one. Looks like BT5 will release there or at least I heard that somewhere. Thought I saw a date that was right after the first of the year. Any word on the Toor is going??

Interesting question and there appear to be some very fine advice in the responses. i will take a different tack and ask a question in response to the question. First of all that I saw the one I put a big "no" was the one that indicated "go into management". If you do wish to avoid the repeat and repeat kind of functions. Why would one think of being a mangler. That is what they do and you most often loose the ability to pursue the type of things you appear to enjoy. So my question two parts.... How far are you planning on going with your education. A BS today is really a starting point. If you are planning something take it one step further. What might you want from your Master Program. Review some of the requirements as well as the schools you find interesting. You do not want to get to the threshold and find you need something else. Take the time now to build your program toward the end. That may seem like a long way off, yet the process of considering will help to bring forth the areas of interest as well as the areas you have not even considered. how do they say the 2X2 matrix of a place where you dont know what you dont know. if in the end you find the desire and urge to head toward management then do it. We are in a big need for even passable managers. Stats indicate 8 of 10 are worthless. So we could use some good ones. In the end it still sounds like you are at a stage consider all limit none. Hope that adds to the consideration.

Just checking to see if Don you are going this year. I met you a couple years back at a Sans Pen Test Summit after your talk. I am heading there after the Sans GWAPT class in San Fran. Take a evening at home and then head to DC on Thursday to be ready for friday at noon. My second year in a row. 

BillV. Sorry I missed this question. I did have the printed version of the ECSA from the test I sent in. I did finally get the ECSA offical about 2-3 weeks later.

This is still in review it is the follow to the isc2 Common Body of Knowledge or at least as I see it. They are looking for comments. It seems as Security Professionals we may have a bit to say.

http://www.us-cert.gov/ITSecurityEBK/

I will attach a doc that explains it. It is a long doc or I would attach it.

Saw this and it looked worth sharing. The link is below I will try and attach a doc with part of the information.

http://www.iss.net/about/press_center/releases/us_x-force_midyear_report_2007.html

I think it is a great mag and the contests they run are worth the effort. The articles are generally good and thought provoking. Get some strange looks when I am reading on a plane or airport. Only time I have to catch up. One comment on the be careful to pay in cash. Hmmm. Since my LPT required me to go to the FBI I would have to guess I am on a list somewhere anyway. Since they access to all the Cert lists then I am sure anybody with a CEH or ECSA will join as well as the others that fall in that category. Guess I am trying to say if you remain Ethical you are Ethical. Just a thought.

Not close enough for the interview although I have done some work in that area over the years. At this point you may have heard of it already. There a link on this site for it. A publication called HACKIN9 is in your area and has some great information.

I will add that I agree with the above and wish you luck. I think that first cert is the most difficult. Having taking the CEH several versions ago, at this point not taking and yet considering the CHFI. The tests have changed. I just completed the LPT and from the class the people who had just completed their CEH thought it was a good test and very similar. All you can do is the best you can. Study, practice and then light your hair on fire and run around in cirlces. Some of the test is too put on some pressure. Some how it seems sometimes they like to see us sweat. At this point I have been though several of them and each one makes me wonder why I am doing this again. Just relax, stay as calm as possible. You either know it or you don't. Remember it is your first and nodoubt there will be others. It just gets expensive taking the test again. The boot camps are good to prepare. Good Luck!

Some how I could not just say something. The value of certs? Hmmm Lets see I went into my first data center in 1969. Yes this new thing called IP was not there. I remember the Main Frame was dead and open systems was the only place. I do think it is important to stay current with the direction of the technology. I did my ccna and half of my ccnp before I ever logged into a router. Now I do not list or even attempt to keep them current. It gets expensive unless you have a company paying for the recerts. Today I focus more on the Info Sec certs. I aggree that experience is better teacher than just pure theory. I have seen bright young people with their string of letters. Get stumped when thing as planned. Project wise or troubleshooting wise. Something changes after you have worked on many many problems and projects. College grads do not have it. Even ISC2 has changed the requirement to say that your degree will not get you the CISSP. I guess it depends on where you want to got. Into management where for some reasons all managers think techs want to go, or senior technical. Mangement CISM or PPM or the like. Technical CEH, LPT or the like seem more valued. In any case the need to stay current (are CEU's the answer). No I think it is a desire to learn and keep working on the things that are pertient to your job. Those two lines do not mix. My CISSP was a lot of work. My LPT was also. Which I like best would be the LPT train. That will change as this new IP thing appears to  be catching on it my just last. Even if V6 is the real answer. Just a thought.

I forgot to post my results. I passed and trying to get the rest of the information together and get it to them.

Me I went from the Techno Sec 2007 and the ECSA?LPT class right to the CIS conference. I took the Pre class hands on hacking and spent the remainder in the Hands on room. Way to hot for me and not only outside. The room was overwhelmed by the systems and the people. The hands on track was great. I missed the capture the flag. The winner took just over 2hours plus. I ended in the crack the case a chance to find the murder for hire information that was on the systems. Looking to score 20 points to get a note from CSI. It was good a chance to some tools I have never used. Taught by the same guy that did the Pre conference class. The hotel was way up scale. All in all it was all good. The inforamtion presented in the hands on was great. Didn't try for the goodies which meant you had to get a signiture from a bunch of vendors and then do a drawing. Had some talks I saw the one from the CISO of Paypal. He was presenting on regaining the email communication channel as a viable form of communication. He thought we would in 18 months. Guess that is about it. Not real good at this reporting stuff.

Just wanted to add my two cents. I was at the class also (sorry we did not connect). I thought that Larry also did a great job. I have been busy gathering all the required stuff as I have jumped all the hoops they required. Going to send in my app and see what happens.

Saw the notes about the conference. I am here also. Did not meet anyone else from here yet. I am also taking the ECSA/LPT and as I seat now not going to anymore of the seminars. Just looking at the books. Sounds like it will be a real firehose for information. Sounds like the test will be Thurs pm depending on when everyone needs to leave. I saw Larry the instructor and he was going to try and go as long as he can to get it all in in 2 days. Good luck with the test. I hear it is a bit easier than the CEH one. This is a new version so I guess it is hard to say at this point. Hope to see you there.