Agreed, performing OS detection will determine, in my experience, a system running in a VM.

Also, Hak5 did a video on turning a mini-PC into a router/firewall. I enjoyed it u dutil they changed the firewall software they were using in another video...

Welcome to EH.net and thanks for the review. I have been wanting to meet someone who took their online training. 

Okay, that explained it. What books did you guys use during the course? Did they provide any?

Running nmap with OS detection can generally determine an os running on VMWare, not sure about Zen. As for getting through the router, you will have to find someway to bypass it, I assume. NMAP has features for that as well.

To attack a NAT network, you would simply need a properly configured lab... one router giving you your own network for attacking, and another router being the NAT network with hosts behind it. Most SOHO (linksys/netgear) routers have NAT capability, so get two cheap routers, set one as 10.0.0.0 and one as 192.168.1.0.

I think the issue would be there that you have no outside network... The only legal suggestion that I can provide would be to purchase two internet connections. The problem there is that performing attacks over the internet is not advised... But I know this is done, I don't know how though...

So, I admit myself confused, the CEH/CPT by ISI does not require the shell-coding/programming knowledge?

My problem is that I am in a different time zone, where staying online for the class would require probably being awake around 3 in the morning... Does SANS have any options for watching recorded sessions, but still include the option to ask questions to an instructor, perhaps by email?

Hi, welcome to EthicalHacker.net! While I will leave your questions to others with knowledge of the subject, You say you took the InfoSec Institute training? I would be very interested in hearing your review of the company and its training. If you have time, please, let me know your thoughts in this thread, or by PM.

I doubt it, I believe it can be self studied just like the CEH. I doubt they will even require any experience waiver if you passed the CEH.

I would get as much info as possible, and pass it on to Law Enforcement. Make sure any credit accounts are good as well, any evidence you obtain (legally) can assist in making repairs.

Hold on a sec guys, I dont think you are seeing the whole picture here.

As far as OSCP goes, I certainly dont have the knowledge or experience for it, something I will work towards.

Books- I have access to most of the suggested books, and am in the process of reading them. I know it will take time for me, therefore, if I do attend any training, I am setting next year as a timeframe.

VTC- I have access to VTC, and while I havent watched their CEH videos, I have not really gotten into any of their others... Unfortunate really.

I am familiar with what a boot camp is, I took my A+/Net+ through one. A great experience, and personally I enjoyed it, my vision of what college should be like, in some ways... What I would like to see is a true TRAINING CAMP. Which is what this company appears to offer in part.

I think I looked at HD, and I will look again, but it looks like they are doing the online live training, an excellent option, but not for me, ATM. I am halfway across the world, and I have seen the problems that can arise with that. It really sucks, being here has opened many doors, and at least at the moment shut some.

I am going through the CEH Study Guide, and eventually the review guide, and Hacking Exposed, and Pro Pen Testing, and I am chronicling my trek here: http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6279.0/ - I hope you all come and read, comment.

I was looking at the PPT book today, while on duty, and I noticed some good suggestions for labs that I defiantly need to DL. I am really glad that Heorot is continuing the DE-ICE program with the HD, I am still learning a lot from the first CD.

So I dont end up rolling on here, let me summarize. I understand that a cert like CEH isnt meant to be done from 0-100 in 5 days. I do think however, that there could be value in having an instructor teach this material. With all of the options out there, it really is difficult to choose. EC-Council wants me to do iclass/vLive (w/e), Career Academy supposedly has a good option, lots of people have done self study, ect.

I also want to note here that I am not simply chasing the CEH cert, although I have wanted it for some time. As I am under DoD8570, I need either it or SANS to perform the duties I want to perform. And CEH is a good introduction to the skills needed for a pentester, I think.

I'll be happy to reply to any thoughts.

I think I found the best IT training company...

Anyone ever heard of Koenig Solutions? http://www.koenig-solutions.com/

I am highly impressed with their training model. Not only do they offer the traditional 4-5-7 day boot camps, it seems the offer longer training, in theory, allowing you to really master a subject. Just what I have been looking for. Being that they are based overseas, I was of course weary, but surprisingly, their FAQ addresses those concerns, both illegal exam taking, and braindumping. And it seems they offer 1 on 1 training, a definite benefit for training like CEH or other training that requires specialized knowledge.

The pricing is defiantly a bargain to training in the US, and India is closer to my current location.

I am currently looking up reviews, all good so far, their claims to be Oracle partners checks out, and there is a decent review here: http://cjeastwd.blogspot.com/2008/06/oracle-10g-bootcamps.html

I wouldnt even rely on the software, as a format will remove any non hardware protections, except a bios/boot password, which can easily be bypassed.

Hey Don, can you ask them to add SSL to the registration page on the II page? Name, phone number and email address in the clear...

Nice certificate, oh god, if Paris Hilton was a pentester.... well, I guess theres nothing to fear.

If you guys haven't already, you might want to consider printed certificates and a nice card, professionals like to have a little card to show off. They've been begging for them over at the EC-Council forums every now and again.

theres one on the site here?    Oh, are you talking email address?