For 'hands on', I would say offsec, then GPEN.  I am not a CEH so I can not comment on the hand on element (there are plenty of CEH members that can).  However, the exam for the OSCP is 100% pure, unadulterated, mind blowing hands on!!

However, this is a pent testing course, with little 'pure' vulnerability scanning, so with this in mind, you might be better off with GPEN which includes pen testing and vulnerability scanning.

Hope that helps.

I've always been interested in computer security. My daily job is an IT administrator for SMB clients running SBS 2003/2008 boxes + terminal server environments and small vmware deployments.

Last year I decided to take a dive into some serious infosec study.

I initially had my eyes set on the CEH but I decided to do OSCP after two things. Firstly I looked at the back track distro and thought it was very well done. Secondly I found out that the exam was completely practical based and I have very fond memories of doing my RHCT exam. (To this day I think that practical based exams are not only challenging and rewarding but FUN!)

So I signed up to OffSec101. I fully enjoyed the course even though I have not sat the exam yet for personal reasons. I firmly believe that if you have a solid understanding of linux, networking and basic scripting skills OffSec101 is the best starting course.

The format is good, the videos are clear and the labs are interesting.

I'm currently finishing up ethical hacking online from InfoSec Institute (the training is for CPT and CEH exams). A lot of the stuff being covered I have learnt already from OffSec101. However gained a lot more value because i did OffSec101 first. I chose to do this course because the CPT exam was part practical and it included CEH training as a bonus.

My recommendation for anyone who is getting into this is to.

Doing a basic networking course first to ground yourself in the OSI model and understand networking principles. It is very important.

Train up on linux use and administration.

Once these foundation items are set sign up for OSPWB.

Do a InfoSec Institute ethical hacking course. I can't recommend the online one though because I have found it to be of poor quality, if I hadn't done OS101 first I don't think I would have learnt anything. I have only heard of great things about the instructor led courses.

From there branch out into the InfoSec Insitute advanced ethical hacking class or OSCTP or why not do both?

From that you should have seriously solid base of building a future in security. These classes don't make you a pentester they prepare you to be one.

In terms of certs you should be able to walk away with OSCP, CPT, CEH, CEPT, OSCE, ESCA, LPT.

In that mix there is clearly a mix of "business recognised certs" (EC-Council ones) and proven hands on training (OffSec, IACRB certs).

and you'll qualify for 40 ISC2 CPE Credits for OSCP certification, which is a good addition i think