Offensive research on EC-Council/ CEH

[UNIX]

As I am considering to go for one or two certificates I was researching various institutes offering such. One certificate which came in my mind was of course the CEH which is advertised and recommended quite often, not only on EH-Net.

Therefore I wanted to get more information about the company offering it, quality, prices, etc. and was also searching for users who have taken or even lecturing it. This was important to me because on the official company's website (or partners) it is mostly not presented in a neutral point of view which is of course intelligible and out of question.

I want to share with other EH-Neters two links I found within my research and really would appreciate to read your thoughts on this.

First one
Second one

There are some others available when you search in your favourite search engine, however, those posted should be enough to start a discussion.

First I was not sure if I should start this thread here for various reasons but hopefully a nice and neutral discussion is possible without any flames or similar. Not everyone has the possibility to buy and take many certificates or have a company which is supporting one, therefore the decision which one should be taken must be well thought out.

Looking forward to your thoughts on this case.

[kennut]

Hi awesec,

let me give you a brief story of mine, back in 2007, I was lucky to get my company to sponsor me the CEH course version 5.0. Fees was like USD1000, you get the following:

1) 5 days of training (9a.m-5p.m) - lunch on your own
2) 1 box of 5 thick manuals which are poorly written, even the print-screen of is not up to par or clear (they are very blurred)
3) a CEH trainer which tries his best to explain everything to us
4) practically skipped all theory based topics like physical security etc.
5) lab testing - a Windows 2000 server (un-patched), so you can try to get in using metaspoilt, hacking thru netbios etc.
6) completely ignore how to hack Linux boxes (just skipped), asked us to play around with the BackTrack Live-CD.
7) A set of download CDs on the tools available from the Internet seperated by chapters (Windows, Linux, Wireless Hacking, Web Server etc).
a voucher for the exam in any of the Prometric training center.

Again, I procrastinated up to until early this year, to study and take the exam (as it expired in Dec 2008), I renewed the voucher and took the exam in April 2009 and passed. To sum it all, I didn't rely on the official training materials (never read it), as I know I'd be wasting time. So I brought the Official Review Guide, CEH ExamPrep and Exam Cram 2.

I can't say, I'm a 100% hacker or claim to be one, there's so many things that I'm still learning. All i know that in this industry of Info Sec, you need to have paper credentials to show that you can do the work too. (whether you can do it or not later, well, thru interviews, the people will know whether you're B/S or you can really do it.)

I've read the two links you've posted before, some of the posting were back since 2006. I'm not pro-EC council or something, I guess from the way they started it off, quality controls are somewhat lacking. I'm not sure about the latest official training materials are any good or not for Version 6.

If you can do self study, that would be at least save all your hard-earned money. If you do really want to go for the training/workshop, I suggest you visit their facilities and take a look at the materials that will be given to you upon signing up the course. that way you get a feel whether the training is worth it etc. (check the trainer CVs' too)

Btw, we don't get SANs training here in Asia, otherwise, would have got more options.

I'm doing CISSP self study and aim to take the exam in Dec 09 this year.

Good luck in your quest.

kennut

[dalepearson]

Awsec,

I had a look at the two links you have provided, and my opinion is that for anything, be it a cert, course, product, etc you will find people bashing it and people praising it. We all have different expectations / exposures.

Personally I dont have CEH, I have some of the reference books, exam prep books that I have studied in the past. I did this just for the knowledge (personally I am not one for exams and certs, I can spend the money better on getting the knowledge / and gadgets), so I dont have the paper, and your right many companies if they are familiar want this, but I can demonstrate if appropriate.

I would say speak to people on here, or you know in person who have done the CEH and see what they think their opinions are. Make up your own decisions and do what you think is best for you.

Probably not alot of help, I just wanted to be impartial.

[UNIX]

Thanks for your input, kennut.

I too think that the instructor is very important and one of the essentials needed to suceed. Here it doesn't matter which course it is, e.g. CEH, CISSP or one of SANS - without a good instructor one won't learn much and probably will have it hard to pass any exam.

Although the discussion of the supplied link was back in 06/ 07, it left back something "bad" for me after I read it. I don't expect to become a professional pentester just with this certificate, but I see it as some sort of key which may unlock some doors for me. Considering the fact that CEH is not very recognized in Europe and that it is quite expensive for this (at least for me), I still have some doubts if I should actually go for it.

Several reviews I read, including yours, kennut, are often double edged which doesn't easy the decision for me. Some of the claims against EC-Council seem legitimate to me, however, many of them are only pushing the anti EC-Council campaign I guess and can't therefore be taken seriously.

A similar thread I found on EH-Net too but actually missed before starting this one, can be found here.

I am aware of the fact that it is hardly possible to fit everyones need and that not always everybody will be satisfied with what one gets.

Thanks for your reply too, dale.
I too think that certs are not everything but can come in handy. I experienced that people with little knowledge and a cert may be invited to a job while some with more knowledge but without a cert may not. Again it is double edged.

[KamiCrazy]

The best answer I can give you is that when I did my research on security certs I ended up  doing the OSCP coursework first.

I was not totally convinced in those days that I would be happy with doing CEH.

However I did end up pursuing CEH in the end because it appears to be one of the better known certs and people have heard about it. I'm not saying its well respected but at least people have heard about it in my country (I'm not from USA), unlike most of the other infosec certs around.

[dalepearson]

I too think that certs are not everything but can come in handy. I experienced that people with little knowledge and a cert may be invited to a job while some with more knowledge but without a cert may not. Again it is double edged.

I totally degree. I have been there many years ago with Microsoft Certs, doing the exams etc just to help with getting a job interview.

Its a crazy world Good old agency verification checks.

[Vedder]

I really enjoyed my CEH course. It was a real eye opener, and I had a really good instructor.

Awesec, if you are in the UK I can recommend Firebrand, I studied at Wyboston Lakes, and the instructor (Luke) was really good.

The CEH is one of the most widely recognised certs in this field and definitely worth going for.

That said, I would also recommend the OSCP, I want to do this next year, as it seems like an excellent step up from the CEH.

The way I look at it is:

Beginner: CEH
Intermediate: OSCP

Not sure about an advanced course, but it would probably be an Offensive Security one.

I do agree that the study material is one of the worst I have ever seen. Luke was trying to get them (EC Council) to let him write it, and believe me, he knows his stuff!

The CEH is a great step up the ladder, but when you try and compete with people with two years actual experience you are hard pressed, and the CV will not even get a second look.

But then how do you get two years actual experience? This is the problem I am facing at them moment.

The exam is very straight forward, and its not hard to pass (given that you study for it and have a good tutor).

Good luck with your decision.

[kennut]

awesec,

I think the exam cost USD250 now, couple with the books add another US100 if you get it via Amazon and if you got extra dollar get the pass4sure.com test software, that should be around USD450++ for it.

1) get the test voucher
2) get the books
3) give yourself a few months, read all the books, and do the pass4sure test software
4) schedule a test date, and go for it

life is so many choices to make, like Nike slogan "Just Do IT".

 

[BillV]

There are a couple of posts expressing similar feelings that I have already replied to in the EH-Net forums (other than the one you referenced). If you search, you should find them.

I'll hold off making any other reply for now, but a couple quick things after skimming the other sites you referenced:

1) CEH has been approved for DoD 8570 Change 2, which has not been officially released yet. That pretty much covers the first link.

2) The second link discusses the LPT, but only talks about what's listed on the website and doesn't provide first-hand information. Despite what it says, the course is great and is filled with a lot of information - it's similar to the new SANS SEC560/GPEN course.

BillV

[BillV]

Here are a few links:

8570 announcement

Air Force Operations Center

CNSS

Some of my exp.

[UNIX]

Thanks for your response BillV; I was looking forward to read it.

I would like to point out again that this thread was not meant in any way offensive against Ec-Council or should increase bad talking about it. It was just something I wanted to ask as it concerned me in some way and where I wanted (and still want) to read other opinions about it.

Personally I decided to probably take the exam somewhere next year. If so, I am going to write down an extensive review about it, including books which I used for learning etc., so that others my benefit from it.