Much better exam than the CEH since it revolves around conducting a complete assessment rather than generalities revolving the CEH.

As for self-study products, CareerAcademy has a CBT out for the CPTS that was created by the Mile2 folks.  It's pretty good.  "Gray Hat Hacking" & "Security Warrior" (or "Network Security Assessment") should be used to help understand the "whys" of how the theory behind the tools work so that the be-all-and-end-all of assessments is not based on tools, but on theory which is supplimented by tools.

As far as Jack Koziol is concerned, he is an excellent instructor who really divulges high-level hacking/assessing techniques that really revolve around C, C++, and heavily in Assembly.  Obviously a foundation in scripting is assumed (Perl/Python) and Linux Admin skills (Linux+ is ok).  Hands-on labs?  Tons, especially on writing shellcode and reverse engineering.  Advisable for those with a solid computer science backround rich in programming.  Not only that, the CEPT exam (proprietary exam by Infosec) will now consist of a hands-on practical.

As for the CEH, after attending both CEH & CEPT with Infosec, it almost seems like a script-kiddie course for layer-3 enumeration with a touch of layer-7 manipulation.  Lab time for the CEH with Infosec Institute is carried out throughout the day, along with teaching, and can go well into the night (10-11:30pm) for the "Capture the Flag" labs.  It might be good to read my review.

As for the CEH, there are really two approaches when it comes to bootcamps:  go over slides to cover everything on the CEH (extensive) to become a paper-CEH, or learn "that" on your own and take more of a hands-on course to reinforce what you've already learned- and more!

A lot of time was wasted needlessly.  Must say that it was very unorganized and could have been much more interactive.  We didn't even do or see a complete pen-test done from start to finish.  Time fillers were even put in by watching video clips from techies doing stuff for kicks or other junk. 

If you guys read my previous reviews (CEH, CHFI), this one would be very disappointing. 

Very disappointed with the CPTE class.

Modules covered:  50%
Depth of Modules that WERE covered:  30-40%
Books:  (2) full length books, Binder to go along with the slides (about 10% covered, seriously), Lab Manual (never used or referred to during class)
Hours:  everyone's up & gone by 6pm. 
Equipment:  very, very slow through VMware
Preparation for Test:  Take a look at the first (3) percentages covered.

I'm not sure if I should write an exhaustive review about the class.  If the modules were covered ALONG with the binder & lab manual together, it wouldn't really matter if I wasn't prepared to take the test because I would have been more than overjoyed. 

Paros is very interesting.  In one of our CEH labs, we used to inject variables and change the prices of products. 

We even tried it on a website (unsanctioned by the class, of course!!!) for a plasma tv and changed the price to $200.   

Of course we didn't execute it.  It works as a proxy to examine web scripting.

Very impressed with GFI Languard! 

Been offered a job that will use ISS Internet Scanner & Harris STAT.  Now I'm familiar with ISS, but have never played with Harris STAT. 

Harris technologies has usually been associated with communications (satcom for example), so I'm curious as to how this operates. 

Nessus is a one of my favs, or even NeWT (lesser Windows version).

I was wondering why many list all of their Microsoft certs on their signature or even on their resume?  Such as MCP, MCP+I, MCSA, MCSE...etc.

Now for SysAdm level, wouldn't it be easier to just say MCSE 2003 (Messaging/Security) and not bother listing all the underlining certs? 

Just an opinion.

CHFI Bootcamp Review

Just got back from CHFI training at InfoSec Institute.  Needless to say, it's impossible to cover ALL the objectives for the CHFI (EC-Council's website) in one week and actually have lab time.  To complete that, it would require going over slides & perhaps seeing a demonstration done through the overhead projector. It's a toss up between slides (less retention) or practical training (higher retention).  I'm glad they chose the latter.

================================


Pros & Personal Opinion
Our lab manual was much larger than the CEH one as our class was about 60% labs.  Our primary tool was FTK although we used several others (even Helix!).  After taking the CEH class, I realized why many attackers get caught but moreso, how to circumvent digital forensics completely.  It's not an indepth class investigating hacking intrusions (there's no time), but more of a foundational one.  That would be a premier-type class for an experienced forensic pro who also had a deep understanding of penetration testing, shell scripting, web apps, and SysAdmin-level of understanding in M$ & Unix.  Do you guys see where I'm getting at?

We did not have newbies to IT in our class as everyone had several years of experience working as Admins, programmers, developers, pen-testers, security, and even college students.  This was a good thing because we didn't have to explain in great detail how TCP/IP worked, security controls (NIDS, HIDS, F/W), and anything beyond the A+ level.  Not trying to knock them, but I'm sure you guys can appreciate that.

We were also given a licensed version of AccessData's FTK (received it prior to class) as part of the class tuition.  Very intuitive forensic tool that excels in certain aspects over Encase (apart from price:  Encase Forensic Ed=$15K !!!).  Those are the top two forensic tools used & recognized by court among others. 

Our instructor was very knowledgable in forensics & investigations at the hacking level.  If I'm correct, he has an MBA, CISSP, MCSE, CEH, CHFI, CCE, CCNA and others (in case some were wondering about his Infosec & SysAdmin knowledge).  Forensics has exploded in the past 2 years (look at the job postings) and will continue so, especially in niche areas providing intrusion-related investigations.  Now I understand why InfoSec Institute (and EC-Council) recommends taking the CEH before attending the CHFI class.  This will prepare the investigator in this specialization (intrusion attempts), rather than chasing divorce cases (LOL). 

Once again, the training & instruction at InfoSec Institute was top notch, filled with lab time (up to 9-10pm everyday), and an adaptive courseware manual that progressed in difficulty in every lab. 

==================================

Disappointments:  I was completely surprised how easy the CHFI exam was compared to the objectives on the CHFI outline.  The forensic questions were very basic, and more toward interpretations of law & "general" procedures.  It's about 70% Forensic, 20% Ethical Hacking, and 10% SysAdmin type questions.  This creates somewhat of a learning curve for non-techies since they will have to know two other domains to pass. 

I would recommend reading "Computer Forensics Jumpstart" http://www.amazon.com/gp/product/078214375X/sr=1-1/qid=1153580743/ref=sr_1_1/002-7329479-9904028?ie=UTF8&s=books for the CF portion of the exam.

Hope this helps.

Welcome.

Glad you two met up & enjoyed the class. 

How were the labs?  What time did you guys normally stay there 'till?

Have you guys considered adv. ethical hacking classes (CEPT, CPTE, ECSA/LPT)?


- charlottebandit

*I'm reading my CF text for the CHFI class on 7/17.  After that, I'm not sure if I'm going to be able to sit in on the CPTE class in Dallas on 7/31.  We'll see. 

Thinking of attending Mile2's CPTE class on 7/31 in Dallas, TX.  Has anyone taken the CPTE yet?

I'm sure this is going to be challenging.  Looks like Wayne Burke (Technical Director) will be teaching the course.


If all else fails, I'll probably be taking the 8/06 session.

Thanks Don.



Classes were held in a conference room at a hotel.


16 total (max).  Red teams were split in 1/2 ( or it could have been even smaller (our choice).


First off, I must admit that I'm not too fond of the way the CEH is organized and its focus.  Since it doesn't accurately follow a formalized process (such as pen-testing), you really learn tools w/ some structure rather than learning structure while incorporating tools in to reach your objective.

I do like the methodology Mile2 teaches for their proprietary cert (CPTS), but doesn't have the amount of hands-on lab time (directly from Mile2) like Infosec Institute does (around 11pm most nights).  So I.I. teaches pen-testing w/ a hacker mindset (and subsequent tools) within its limited time. 

You also have lots of study questions to read from & the Security Warrior text which is highly recommended (especially the first 4 chapters: Software Cracking). 

Now the CEH has gained more popularity than other pen-testing certs which is probabaly one of the reasons I.I. hasn't come out with their own proprietary foundation cert, but has with the advanced course.  Certs in the infosec field will gain recognition with time.........so it's not a bad time to get in.


CEH exam included in package & given on-site. 


Yes.


Just finished an MS online in infosec, but made it somewhat tricky to get the hands-on experience I needed although it was rich in theory, protocol analysis, and provided balanced infosec skills throughout multiple domains.  Also, most of the texts used were old & not the best-of-class for each subject.  Pen-testing & Computer Forensics are two concentrations I am pursuing, and believe that the training was essential for continuing education.

Recently attended CEH training with InfoSec Institute and would like to include a review of my experience.  Although I haven't attended other bootcamp training seminars yet, at least I could compare it with the formal education I received in Network Security. 

Equipment/Software:

- Every student had P3/4 Dell laptops with XP/RH-9/W2K server installed through VMware
- Instructor had several boxes & several servers (VMware) for "Capture the Flag" exercises
- Wireless connection used to assist in WLAN attacks & probe packet sniffing
- All software (open source / commercial) preinstalled on each laptop and working
- "Security Warrior" was the text mailed out and hopefully read before attending CEH


Overview:

Rather than sticking with the typical CEH curriculum of learning a 1000 tools & watching slides, InfoSec took a pen-testing approach and incorporated certain tools as we progressed in the pen-testing model.  They mentioned that this way we would have reference points on how to proceed and where to incorporate new tools as they came out rather than walking away without a solid foundation in pen-testing.

We approached each lab & teaching as if we were dealing with competent intrusion analysts which raised the bar of awareness, rather than expecting a completely open system where the secretary is also the SysAdmin. 

The instructor also approached the pen-testing model mostly from a black-box testing aspect where stealthiness & quietness (packet-wise) was emphasized rather than going in LOUD using Nmap & default settings with vulnerability/penetration scanners which also serve a purpose (white-box test).  Customizing tools & scripts were also discussed to evade detection and investigations by Computer Forensic analysts. 


Labs:

- numerous labs that worked since the boxes were preconfigured with tools (many weren't in the CEH outline) that work in a stealthy manner
- some tools weren't installed to show us how to install .rpms & .tar files (actual lab)
- lab manuals included both Windows & Linux attacks that builded upon previous labs
- labs began with a step-by-step approach, then slowly omitted steps that were previously covered in other labs (nothing critical).  I think that approach was to exercise our familiarity with what was learned
- didn't always have enough time to complete all the labs per section, but many were covered (usually 5 per section:  e.g. 5 for SNMP attacks, 5 for web application attacks)

Capture the Flag exercises (Red Teams):

There were four exercises (one per night) where we were separated into separate Red Teams to successfully complete several objectives per exercise.  We would use the attacks discussed & practiced on the instructor's servers where he monitored the network for "loud" and obtrusive attacks.  Obviously this was not done on the first 2 nights, but as our skill level progressed, so did the awareness of intrusion detection.

Many nights we worked on labs & CTF exercises until 10-11:30pm. 


Closing Comments:

Very satisfied with the breadth of knowledge by the instructor, course outline, and organization of lab materials.  There was probably 70-80% Federal employees there who attended the course ranging from Pen-testers, Sysadmins, Intrusion Detection Analysts, Programmers, Network Security Engineers, Graduate students, and Front-end Developers who benefitted from seeing major problems with software attacks which were covered & practiced (SQL injections, Cross site scripting, Web app attacks).

You are required to have a solid understanding of network essentials, TCP/IP, Malware, and encryption algorithms (or read Security Warrior 3X) before attending the CEH course with InfoSec Institute since there is no way to completely cover 20+ domains in 5 days unless they omit most of the hands-on labs.  This was an advantage for me since I had previous experience and formal education with such topics.  Having said that, their focus is more on penetration testing/hacking than vulnerability assessments where exploits are never confirmed. 

Not sure if I could recommend it to a newb in the pen-testing/network security world unless they put in the time to absorb the Security Warrior book prior & during class.  It's not about doing port scans or running Nessus since intrepreting the results and not setting off IDSs are important factors to consider in different attack vectors.  At least a review was conducted on Friday morning before the CEH exam.

===================

I am currently learning Perl and will try to squeeze in Python before attempting their advanced ethical hacking class which also exceeds the outline of the ECSA certification which follows the CEH.  The course book being used is The Shellcoders Handbook http://www.amazon.com/gp/product/0764544683/qid=1150807828/sr=2-1/ref=pd_bbs_b_2_1/002-3201132-0513627?s=books&v=glance&n=283155 written by Jack Koziol (who also wrote Intrusion Detection using Snort) who teaches the Advanced Ethical Class at InfoSec Institute.

Probably will take the (CPTE) class with Mile2 in August/Sept prior to attempting the Advanced EH class (CEPT/ECSA) with InfoSec Institute in Oct/Nov since it deals a ton with writting your own shell scripts, reverse engineering, and scanning code for exploitation.


Hope this helps.  Tried to be specific without being TOO specific so as not to give away the family jewels for them.
 

No, Jack didn't.  Jack teaches the Adv. class.

Tim Singletary taught the CEH, and also is one of the instructors for the CHFI.  I believe he also subs in for the Adv. class.  He will be coming out with a book later this year with several "proof of concept" vulnerabilities & more. 

He is/was a heavy hitter for DoD & other 3-letter agencies, but now consults and teaches.  Another thing I enjoyed was the fact that we ventured into penetration testing as if we had an experienced sysadmin or network security analyst as a foe/opponent rather than an inexperienced, clueless IT geek.  They raised the bar on us causing us to think before we assessed the systems without triggering off the IDS. 

Just attended CEH training from InfoSec Institute.  Tons of labs and daily Capture the flag "Red Team" exercises at night. 

CEH tools were discussed, but newer & better tools were used for the labs.  They used a pen-testing model of instruction while incorporating CEH materials/tools into the course, rather than teaching a course on tools & slides.

Thumbs up for InfoSec Institute.


- charlottebandit

Good question Don.

The EnCE is vendor specific as it tailors to Encase, but doesn't touch FTK, iLook, or other excellent tools out there. 

The CCE appears to be more "basic" (haven't taken it yet, but have read the info on their website) as it only requires basic PC knowledge.  Probably more for non-IT folks.

The GCFA is a SANS course which most IT people know to be high-level as it covers incident response thoroughly w/ CF on the network level for IT pros.  Looks like the GCFA & the CHFI is on the same advanced level.

==============================

Been pursuing CF training and came up with a plethora of unknown CF certs.  Many seem to focus on "buzz words" (w/ legitimate training too), but after reading the course modules I saw at what level their intended audience the cert was for.

Also, another link that categorized many CF certs by difficulty level solidified my thoughts on the subject http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1044613,00.html#downloads