- Every student had P3/4 Dell laptops with XP/RH-9/W2K server installed through VMware
- Instructor had several boxes & several servers (VMware) for "Capture the Flag" exercises
- Wireless connection used to assist in WLAN attacks & probe packet sniffing
- All software (open source / commercial) preinstalled on each laptop and working
- "Security Warrior" was the text mailed out and hopefully read before attending CEH
Rather than sticking with the typical CEH curriculum of learning a 1000 tools & watching slides, InfoSec took a pen-testing approach and incorporated certain tools as we progressed in the pen-testing model. They mentioned that this way we would have reference points on how to proceed and where to incorporate new tools as they came out rather than walking away without a solid foundation in pen-testing.
We approached each lab & teaching as if we were dealing with competent intrusion analysts which raised the bar of awareness, rather than expecting a completely open system where the secretary is also the SysAdmin.
The instructor also approached the pen-testing model mostly from a black-box testing aspect where stealthiness & quietness (packet-wise) was emphasized rather than going in LOUD using Nmap & default settings with vulnerability/penetration scanners which also serve a purpose (white-box test). Customizing tools & scripts were also discussed to evade detection and investigations by Computer Forensic analysts.
- numerous labs that worked since the boxes were preconfigured with tools (many weren't in the CEH outline) that work in a stealthy manner
- some tools weren't installed to show us how to install .rpms & .tar files (actual lab)
- lab manuals included both Windows & Linux attacks that builded upon previous labs
- labs began with a step-by-step approach, then slowly omitted steps that were previously covered in other labs (nothing critical). I think that approach was to exercise our familiarity with what was learned
- didn't always have enough time to complete all the labs per section, but many were covered (usually 5 per section: e.g. 5 for SNMP attacks, 5 for web application attacks)
Capture the Flag exercises (Red Teams):
There were four exercises (one per night) where we were separated into separate Red Teams to successfully complete several objectives per exercise. We would use the attacks discussed & practiced on the instructor's servers where he monitored the network for "loud" and obtrusive attacks. Obviously this was not done on the first 2 nights, but as our skill level progressed, so did the awareness of intrusion detection.
Many nights we worked on labs & CTF exercises until 10-11:30pm.
Very satisfied with the breadth of knowledge by the instructor, course outline, and organization of lab materials. There was probably 70-80% Federal employees there who attended the course ranging from Pen-testers, Sysadmins, Intrusion Detection Analysts, Programmers, Network Security Engineers, Graduate students, and Front-end Developers who benefitted from seeing major problems with software attacks which were covered & practiced (SQL injections, Cross site scripting, Web app attacks).
You are required to have a solid understanding of network essentials, TCP/IP, Malware, and encryption algorithms (or read Security Warrior 3X) before attending the CEH course with InfoSec Institute since there is no way to completely cover 20+ domains in 5 days unless they omit most of the hands-on labs. This was an advantage for me since I had previous experience and formal education with such topics. Having said that, their focus is more on penetration testing/hacking than vulnerability assessments where exploits are never confirmed.
Not sure if I could recommend it to a newb in the pen-testing/network security world unless they put in the time to absorb the Security Warrior book prior & during class. It's not about doing port scans or running Nessus since intrepreting the results and not setting off IDSs are important factors to consider in different attack vectors. At least a review was conducted on Friday morning before the CEH exam.
I am currently learning Perl and will try to squeeze in Python before attempting their advanced ethical hacking class which also exceeds the outline of the ECSA certification which follows the CEH. The course book being used is The Shellcoders Handbook http://www.amazon.com/gp/product/0764544683/qid=1150807828/sr=2-1/ref=pd_bbs_b_2_1/002-3201132-0513627?s=books&v=glance&n=283155 written by Jack Koziol (who also wrote Intrusion Detection using Snort) who teaches the Advanced Ethical Class at InfoSec Institute.
Probably will take the (CPTE) class with Mile2 in August/Sept prior to attempting the Advanced EH class (CEPT/ECSA) with InfoSec Institute in Oct/Nov since it deals a ton with writting your own shell scripts, reverse engineering, and scanning code for exploitation.
Hope this helps. Tried to be specific without being TOO specific so as not to give away the family jewels for them.