I have heard lot about Suricata...Maybe they should set up web forum for users and those who want to give it a try. Also some tutorials would be great.

I plan to start with OSSIM in next two months. I will need to buy one used machine for that purpose. Otherwise I always read documentation first and look for some good tutorial or reviews.

One more question: Did anyone work on securing SCADA? What I mean is a small scada, which runs in small facilities. It is possible, that I will work on one project about protecting SCADA environtmen. For now I was thinking about implementing Host IDS and remote logs reading.

What do you think about ISO/IEC 27001:2005 ? After passing final exams, participants receive accredited certification with title "Information Security Manager" and "Information Security Auditor".

Thank you both for advice.

I decided to take PWB online course. I have read some topics about PWB online course and all things were so positive. I haven't had any experience with online learning.  So it will be something new.

I have one basic question about pre-made Backtrack VMware image. Do I have to use it, or can I use my already installed Backtrack 4 Final Release on my computer?

It looks like PWB-online from offensive security is the best option. I agree, courses in our area are overpriced. I would like to take one of available courses which could show me, how to made depth pentest on network with 20-30 hosts with fail/smtp server from start to end.

I forgot to mention that I'm interested for "live" course with tutor in the room. I'm looking for course which will take place in Austria/Germany/Italy.

If I took a course from offensive-security online, I would take "PWN". This one also looks good: http://www.ssr-i.com/courses/certified_penetration_testing_consultant.html

Hello.

In my country there is no courses in PenTesting. We only have CEH and CIS.

If anyone knows about PenTest certification courses which will take place in August/September in any country in central Europe, I will be glad if he could publish more informations.

Thanks for response. Yesterday I set up Ossec HIDS, but I'm not sure if it is useful. Modern internet security programs have some kind of "hids" already built in. And I think that HIDS is only useful for client host.
I also played with HoneyBOT, and it is cool, but to easy in some way. Do you know any european producer of modern honeypots and honeypot's like IDS software?

I checked OSSIM. It looks great. If I understood correctly, is all in one platform. But tell me, does make some program settings easier? Or will I have to spend few days configuring different programs which comes with OSSIM?

Hello.

I want to set up two devices. First will be honeypot. I think about setting up HoneyBot on WinXP box. First I thought to made Honeyd, but I don't find it useful to much. Does anybody heard for HOACD and has experience with it?

I also want to set up one Network IDS. I think that Snort is to hard to implement for me, so I think on Bro-IDS. Did anyone set it up already?