.

Ethical Hacking exam

<<

laarijo

Newbie
Newbie

Posts: 1

Joined: Thu Mar 09, 2006 7:55 am

Post Thu Mar 09, 2006 8:14 am

Ethical Hacking exam

Hi

I want to appear for the EH exam.
Need some info so as wht is the syllabi & which books to refer

needed inputs from all members

thanks
<<

ehadsell

Newbie
Newbie

Posts: 4

Joined: Sun Oct 16, 2005 7:45 pm

Post Thu Mar 09, 2006 9:11 am

Re: Ethical Hacking exam

I want to appear for the EH exam.
Need some info so as wht is the syllabi & which books to refer

Here is the description of what is taught in the class -- all these topics are fair game for the test:
http://www.eccouncil.org/EC-Council%20E ... utline.htm

EC-Council sells the official study guide.  Very expensive.
http://www.eccouncil.org/studyguide.htm

Other resources are coming out soon from Sybex, Exam Cram and CBT Nuggets.  There is a thread of books over at the certifiedsecuritypro site.

http://www.certifiedsecuritypro.com/com ... opic,126.0
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Mar 09, 2006 10:44 am

Re: Ethical Hacking exam

We had good intentions of starting a study group, but with running 2 sites, having a day job and trying to raise a family, it is difficult. Maybe we'll pick this up again in the next month or so. Either way, we did list several steps (and links) as a starting point for studying for the CEH / CPTS exams. You might find this helpful:

http://www.ethicalhacker.net/component/ ... topic,29.0

Don
CISSP, MCSE, CSTA, Security+ SME
<<

oyle

User avatar

Sr. Member
Sr. Member

Posts: 264

Joined: Mon Jan 02, 2006 11:19 am

Location: Cleveland Ohio

Post Fri Mar 10, 2006 6:54 pm

Re: Ethical Hacking exam

What with my studying for the CCE exam now, I have some time available; I could help lead the study group, if no one else minds. I do have the knowledge inbetween my ears, despite that there are no jobs for it here in the area.

How do you discourage a potential employer from thinking you might go rogue and disgruntled and bring their sysytems down? I think this is a major obstacle to finding a job in ssecurity, at least in my area. I already have removed the CEH logo from my resume, but I am still very heavy into the tech. It REALLY is cool.

8)
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
<<

mitchmcse

Newbie
Newbie

Posts: 7

Joined: Fri Feb 17, 2006 7:42 am

Location: Aurora, CO

Post Sat Mar 11, 2006 4:03 am

Re: Ethical Hacking exam

If you start a study group I may be interested in joining it.  I will be ordering the courseware from ec-council in the next week or two.  Kinda nice that my work is paying for it.
<<

oyle

User avatar

Sr. Member
Sr. Member

Posts: 264

Joined: Mon Jan 02, 2006 11:19 am

Location: Cleveland Ohio

Post Sat Mar 11, 2006 12:38 pm

Re: Ethical Hacking exam

Sounds cool to me. I passed the CEH exam in Dec. 04. I had to pay for it myself, but I was able to get a 20% discount on the price. I still cannot find any work doing any of it, though.

If your work is paying for it, great. One word of caution: Like I said, I passed my exam in Dec. 04. Around May of 05, EC-Council announced a CEH "ver.4". If I look at the CEH syllabus now www.eccouncil.org/ceh.htm I can see a few things that were not included in the class I took.

For Instance: there is something listed in the ver.4 course syllabus under Module 13, "Web Based Password Cracking Techniques--Mary Had A Little Lamb formula". I still cannot find out anything about what that is.

Don, do you have any idea about the "Mary Had A Little Lamb formula?"
Last edited by oyle on Sat Mar 11, 2006 12:46 pm, edited 1 time in total.
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
<<

mitchmcse

Newbie
Newbie

Posts: 7

Joined: Fri Feb 17, 2006 7:42 am

Location: Aurora, CO

Post Sat Mar 11, 2006 10:11 pm

Re: Ethical Hacking exam

It is pretty good that my work pays for it.  But then again I work for IBM.  They did give me the opting to go to the boot camp.  But I figured I would do the self study and then either go to either the CHFI or IBM EH course next year.
<<

oyle

User avatar

Sr. Member
Sr. Member

Posts: 264

Joined: Mon Jan 02, 2006 11:19 am

Location: Cleveland Ohio

Post Sun Mar 12, 2006 12:41 pm

Re: Ethical Hacking exam

Do you do any programming? It would help for the exam. I don't do any programming, so I didn't pass until my third time. I just studied what I wasn't sure of, and kept plugging away.
Be warned, after you pass the exam, it will be a loooonnnng time until you recieve the cert. Just ask Dengar13, also on this forum. It took me almost 3 months to get mine. Dengar didn't get his until it was after 3 months.
Last edited by oyle on Sun Mar 12, 2006 12:46 pm, edited 1 time in total.
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Mar 12, 2006 3:58 pm

Re: Ethical Hacking exam

I have no idea what a "Mary Had A Little Lamb" Formula for cracking passwords is. I could make some guesses, but that's all they would be... guesses. I'll ask around.

Also, I have no problem with you leading the study group. I'll try to participate as much as I can. Also, being part of a group may help motivate me.

Should we continue this part of the conversation in a new thread of The Charter Study Group?

Don
CISSP, MCSE, CSTA, Security+ SME
<<

oyle

User avatar

Sr. Member
Sr. Member

Posts: 264

Joined: Mon Jan 02, 2006 11:19 am

Location: Cleveland Ohio

Post Sun Mar 12, 2006 5:37 pm

Re: Ethical Hacking exam

Sure, that sounds fine. I've never really done this before, but like you say, you don't have a lot of time, and I guess I have more time than you. After winning that great prize. I'd like to give a little back. Help out wherever I can, y'know?

Oyle
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Mon Mar 13, 2006 6:09 pm

Re: Ethical Hacking exam

From what I understand, "Mary had a little lamb" is not a password cracking method, but rather a manner in which passwords can be composed. The idea is to take the abbreviation of the first letters of a well known song or poem an use it as a password. For example the password derived from Mary had a little lamb would be Mhall. While the password is not quite a complex password it is some-what obscure and obviously not a dictionary word, while on the other hand is still easy for users to remember because of the association to the song or poem.

Obviously you could compose a list of the first lines of many well known songs and add them in to the dictionary to use in a dictionary attack.

If my explanation is wrong, could someone please correct me.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

oyle

User avatar

Sr. Member
Sr. Member

Posts: 264

Joined: Mon Jan 02, 2006 11:19 am

Location: Cleveland Ohio

Post Mon Mar 13, 2006 8:12 pm

Re: Ethical Hacking exam

Hey, it's the first explanation I've seen for it anywhere. I guess it makes sense, although you're right, it's not a complex password, or even a good  password. But I could find plenty of obscure enough songs to use to create a decent password.

But I use a method to create complex passwords even easier: I just use any 5 to 8 characters off the Microsoft COA (Certficate of Authority) labels on PCs installed with Microsoft OSes, Microsoft software, etc. Microsoft has a server in Redmond that does nothing but crank out those 25 character Product Keys, 24/7. Any of these, taken in any order, makes for an excellent password.

You're new here, right? Welcome. Hope you have a good time here.

BTW, on the EC-Council CEH syllabus, "Mary Had A Little Lamb Formula" is technically listed as a "Hacking Tool", at least it looks like to me.
Last edited by oyle on Mon Mar 13, 2006 8:14 pm, edited 1 time in total.
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Mar 13, 2006 8:27 pm

Re: Ethical Hacking exam

Actually, Negrita was one of the first to register on CSP Mag (April 8 of last year) and has been with us a while.

Glad to see you participating on this site, too.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Tue Mar 14, 2006 1:43 pm

Re: Ethical Hacking exam

Thanks for the welcome. I was actually the 3rd member to register here too (on September 10th 2005). I stumbled upon this site when it was still an empty shell under construction, that was even before registering at CSP. At that stage I didn't know that both domains belong to don.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

cese59

Newbie
Newbie

Posts: 1

Joined: Thu Mar 30, 2006 1:20 am

Post Thu Mar 30, 2006 1:48 am

Re: Ethical Hacking exam

I am new to the site and am interested in joining the studying group for the CEH Exam. 

I just recently passed the CISSP and am on to the next giant to conquer.

If you have started a group and there are pre-requisits let me know...

Respectfully,

cese59
Next

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software