Then it was certainly worth the wait!!

Wow, I was surfing the net searching for addtional information on CEH cert and I stumble upon this blog.

http://blogs.ittoolbox.com/security/investigator/archives/run-away-from-the-ceh-certification-9639

What's your opinion about he CEH cert?

As for my opinion, it all depends on how you approach to studying for this cert. I've used ethicalhacker.net and its member's recommendation and advice and learned a lot so far. I have taken the self studying approach and have read couple of books related to ethical hacking besides the CEH courseware and I've also set-up a virtual lab at home, and I'm glad to say that I'm having a blast. Like Don have said it before, it is important to study more than one resource for any given certification.

I know that the CEH is heavily focus in hacker tools, but it is essential to know what the hacker are using as their arsenal for attacking their targets. Look at it this way, I'm a security analyst and studying for CEH has helped me detect and identify tools that hackers might be using against our clients. For example, one of our client was being hit by a high amount of syn-ack packets coming from interesting ports without ever sending syn packets to initiate the connection. After reading about different scanning options in Nmap, I could, as an initial analysis, speculate that the attacker is performing a "idle scan" whereby spoofing the IP of our client's machine for reconnaissance purposes against the target host that is sending the syn-ack packets, thus making our client a victim of a third party effect. Without having prior knowledge of tools that hacker uses, I probably couldn't make such an assumption. Remember, to catch a hacker, you got to think like a hacker.

Congratulations!! 

I received my membership packet on September. It takes approximately 3 to 4 months for the FBI and infragard to process you membership. I first found out that I was offcially a member when I started to receive emails from infragard prior to receiving my packet. I submitted an email to infragard inquiring the status of my membership and they responded by saying that my membership packet was sent to my coordinator and that he was responsible of getting the packet to me. He finally send it to me.

Infragard is an alliance between the private and public sector created by the FBI for exchanging information with one another which could help protect the US critical infrastructure.  Benefits include if you are a member:


For complete details visit infragard site:

http://www.infragard.net

Awesome, thanks for the tip. I'm also using Ubuntu 6.10 in my virtual lab and I will try this. Also I would like to mention that if you're lazy, you can use ophrack demo version online  to try it out . Here's the following link:

http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php

Dugg it as well. Come on guys, we need more people to dig this story.

Terrorists are being called to attack U.S. Internet-based stock market and banking sites in December. For complete details on the story, check out the following link:

http://www.foxnews.com/story/0,2933,233477,00.html

The above Nepenthes Appliance will not work. Apparently the person who created this virtual machine used the Ubuntu 6.10 iso image which was not included in the zipped file. Therefore I removed the links previously posted. Guess, we have to keep looking.

Hey, what about Nepenthes Appliance based on Ubuntu 6.10 Edgy Server. Instead of using this server for malware analysis, use it as a target. Since this server already emulates vulnerabilities, it might be a good candidate for pen testing. Has anybody tried this? I will download Nepenthes Vmware Appliance tonight and include it in my virtual lab for experimentation.

**removed link**
**removed link**

This site was the first hacking challenge for me. I completed all challenges years ago but I did had help from Google and books from the library. I remember that for each challenge I had to do research and a lot of reading in order to pass to the next level.

You can check out the trailer in the following link:

http://www.youtube.com/watch?v=JPfdLyM0-pg&mode=related&search=

Read the following post http://www.ethicalhacker.net/component/option,com_smf/Itemid,49/topic,820.msg2364/#new

Hello Dale,

Upon successfully passing the CEH exam, you keep this certification for life. For additional information about this cert please refer to http://www.eccouncil.org/CEH.htm and http://www.certifiedsecuritypro.com/content/view/53/91/. Please note, that on November 13, 2006, CEH version 5 will be rolling out and replacing version 4.1. Even though, you have until summer of 2007 to take the v4.1 exam if you wish.

I'm currently studying for the CEH and I haven't purchase any official material for this cert yet. I was considering taking the test on March of next year, so I guess I should wait and get the new v5 courseware. Hopefully it's  better than the previous versions. I've heard bad things about them. Can't wait for the reviews on this one.

Thanks for the tips Kev!!