The Ethical Hacker Network - New guy with a lot of questions...

york_daro

Newbie

Offline

Posts: 9

New guy with a lot of questions...

« on: August 26, 2007, 02:46:56 PM »

Hello, I'm new here... I was reading some topic here and I see it's an interesting board ... I've already learnt some things from here

But I want to ask You some questions... I'm thinking about those Certifications... I like security news.. I'm interested in that... about programming I know Delphi, Pascal, SQL, a little ASM, html, php... also not too much about Linux (basics)...

Is it worth trying to get any of the certicicates ?

I'm from poland... CEH is something new here but I see some interesting words about OSCP...

I want to raise up my knowledge about security.. But I know that programming Delphi and repairing broken computers/printers is not enough 4 me :-]

What would You recommend ?

Regards
Darek


	Logged

Kev

Guest

Re: New guy with a lot of questions...

« Reply #1 on: August 27, 2007, 12:08:05 AM »

What is your goal? Security? Programming? I would recommend security. Security with strong network and programming skills will set you above the crowd. Programmers are starting to lose work as more jobs are being outsourced to other countries, but security is still a "hands on" requirement. So yes, go for your CEH and follow the curriculum.


	Logged

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #2 on: August 27, 2007, 01:47:13 AM »

But from what I heared OSCP is better to begin with than CEH? and CEH is valid only for 2 years? Also... would it be better (if I decide to of course) to buy first video materials and then when I feel ready go for the exam?

I don't think If I could get through the exams...

I have some CEH materials (Video DVD, Lab 3.0 and reviews) from my friend just to see what I'm up against but I'm thinking about buying V5.0...

what would you prefer starting with? CEH or OSCP?


	Logged

BillV

Hero Member

Offline

Posts: 1892

Re: New guy with a lot of questions...

« Reply #3 on: August 27, 2007, 07:46:44 AM »

I don't think I would say that one is necessarily better than the other. OSCP focuses on BackTrack and BackTrack only. BT is a great tool in itself, but there are also many others out there.

CEH will be valid for 3 years starting January of '08. At that time, you'll be required to earn continuing education credits to retain your certification, along with a $50 annual fee.

It's also been said on here that the OSCP course is not for beginners to Linux. I don't know if I agree with that or not though. I think someone new to Linux could pick up everything that the OSCP course covers fairly easily, but I had prior experience too.

I did the CEH course before taking the OSCP course. There are good points to both, and I took information away from each.


	Logged

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #4 on: August 27, 2007, 08:14:36 AM »

maybe other way

the CEH video is downloadable Wink

and other materials are downloadable Wink

then tell me... does the certificate gives anything else, not only a title?


	Logged

BillV

Hero Member

Offline

Posts: 1892

Re: New guy with a lot of questions...

« Reply #5 on: August 27, 2007, 09:28:55 AM »

I don't know. I know I've had mine for some time now, but don't use those type of skills at work. I handle various security-related projects, but I'm not really sitting around hacking stuff all day.

And FYI (before you waste time with the CEH videos) they're not that good.


	Logged

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #6 on: August 27, 2007, 01:03:17 PM »

I can see that... hmmm.. some interesting information/tools could be very usefull and a little theory i can get too

So I see that all the knowledge are books, and own tests...
the boot camps and Certificates - I think it's just a waste of money (better go with your girlfriend and buy hey some flowers for it Wink

)...

other thing... I read much about those virtualization and virtual labs... what's the sense of doing them? just to test the "tools" ? because if I'll make my Win XP PRO SP2 fully updated then I know that I won't be able to do anything (no known bugs) but only to scan, get some information?

I see you all are doing virtual labs... but what for? If you can't break updated win xp sp2 ?


	Logged

hitechpo

Newbie

Offline

Posts: 9

I hate stupid people.

Re: New guy with a lot of questions...

« Reply #7 on: September 03, 2007, 09:15:31 AM »

I feel that tools are just an extension of the hacker, themselves. Why do you want to learn how to hack? Most of the time it is because something inside you wants to learn how things work. What makes the software do what it does or what makes that computer act the way it does. The methodology and information helps you understand the basics of what is going on. The tools help you in gathering this information, but you still have to know how to interpret the results and what vectors of attacks can you utilize to compromise the system. Sure, there may not be a lot you can do with a patched OS; however, what about the software running on the OS. How could you get the user to download a Trojan or other malware program so that you can own the box? There are zero-day exploits that come out everyday, do you keep up with this information? These are some of the things to consider when you go forward and learn the 'tools'.


	Logged

CISSP, CEH, NSA-IAM/NSA-IEM, MCSE, A+

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #8 on: September 03, 2007, 09:33:09 AM »

I know that hitechpo

zero-day exploits, SE and other apps... sure... I am up to date with many things... that's why I wanted to ask You about those certifications - why they are so expensive... I thought that 4 that price there would be plenty of informations how to..... I see now that most of the informations I can get from google... what am I saying? all of the informations ....


	Logged

LSOChris

Guest

Re: New guy with a lot of questions...

« Reply #9 on: September 03, 2007, 10:10:19 AM »

certs are only for what you can get out of them and to get by HR.

you can get most of the education for college for free on the net, does that mean that college has no value and a college degree has no value? thats a bit of stretch but you get the idea.

two things to address your comment because i have seen the whole "i can get everything on google garbage"

when you take a training course, any course, you paying for that instructors time because, ideally, they have alot of experience in the field and can help you learn the material faster, better, more retainabilty, whatever. not "so" much for the content they teach, although it should be organized and better than what you can get "for free with google"

second, certs are a way to test yourself to prove that you know the knowledge and to "ideally" show others that you know the knowledge as well. we dont need to go into the debate of the value of certs, there are already several threads about it.

the cost? well thats just part of the game isnt it.


	Logged

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #10 on: September 03, 2007, 11:43:37 AM »

sure but U see... here that price is too much 4 most of living people here... When I sam that price.... I thought that it must the best ever made cert.... it isn't

I worked whole year to get that amount and buy a computer... if I would spend those money on that course I think I would be disappointed...I would never spend so much money on any "game"

that's why I wanted to ask about Your point of view... I think that not too many people from Poland will be taking any of those exams Wink

maybe in some time...


	Logged

LSOChris

Guest

Re: New guy with a lot of questions...

« Reply #11 on: September 03, 2007, 03:03:38 PM »

if you have the skills you are talking about there is plenty of work to be made on the side. sites like rentacoder come to mind.

again there is difference between the price to sit for a cert and the price for a training course. i wouldnt confuse the two.


	Logged

Manu Zacharia (-M-)

Sr. Member

Offline

Posts: 393

c0c0n Hacking Conference - where hackers unite

Re: New guy with a lot of questions...

« Reply #12 on: September 03, 2007, 10:09:53 PM »

Hi York_daro,

What really matters is your level of knowledge and your skills. No matter how many certifications you hold, you always have to face the interview board and have to answer the questions. And to answer those, you need real stuff - But let me also say that good knowledge with certifications make you stand above others. So both go side by side.

As far as the cost, I think the money value for both countries are different - and the pricing is based on US dollars. So obviously non-us people will find it very high (Infact, I am also a non-us guy) The salary you get in your home country will be different from the salary that you get in US.


	Logged

Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n

Newbie

Offline

Posts: 29

Re: New guy with a lot of questions...

« Reply #13 on: September 04, 2007, 10:10:54 AM »

York_daro,

The price of the certificate shouldn't be an obstacle to you.
This depends if you really want to test you knowledge and to be able to prove you employers that "you know what you are talking about".

If you really want to take a cert, in my opinion you have two choices:
1. Self study. If the price of the course is to high for you, do a lot of self study. Use virtual labs, read books etc. When you feel confident about your knowledge, you can take the cert, the price of the exam is not that high (non-US guy oppinion here also).
2. Prove you employer that you are willing to specialise youself in security, and, if this is important for him or the company's project, maybe he'll support the price of the course/exam.

Please note that both of the choices depend very much on you commitment to you goal.

Hope this helps...


	Logged

Security+, OSCP, CISM, CISSP

york_daro

Newbie

Offline

Posts: 9

Re: New guy with a lot of questions...

« Reply #14 on: September 04, 2007, 01:05:21 PM »

yes I know

that's one of my gr8est problems Wink

don't know what to do with myself ...

Most of my time i spent on programming... but it's too heavy topic to get a good job in it (too high requirements/skills from programmers that you can get alone from internet

)...

I like security but most of my time I used it to check site/network/software.... attack (4 fun and test myself + to prove them that their site/network/software isn't secured good enough)... the real problem is that I don't know how to protect (i'm not an administrator)....

to mention about programming everybody says that the best and most needed language is C++ (i rather like delphi [lol]) but I don't know anything about that... so I think that programming could be a problem 4 me... administrating a network is easier than programming.... I don't know if it's not too late 4 me to learn C++ (hard thing)..... I just don't know... I know one thing... I like computers, making, modify, buy (new ones) Cheesy

so many problems....

thank you all 4 so many replies (and sory 4 my english) Wink


	Logged

Pages: [1] 2 Go Up

« previous next »