.

CEH 5 Review on professional securitytesters.org

<<

Cutaway

User avatar

Jr. Member
Jr. Member

Posts: 96

Joined: Mon Nov 20, 2006 5:02 pm

Post Thu Dec 21, 2006 9:55 am

CEH 5 Review on professional securitytesters.org

I noticed this on the Professional Security Testers site.  I don't think this is a repeat but if it is then I apologize.

CEH V5 -- THE RETURN OF THE MATRIX
http://www.professionalsecuritytesters.org/modules.php?name=News&file=article&sid=720

As I have not been exposed to CEH I am not sure how this stands up.  I would be interested in reading the comments of persons with the certification.

Happy Holidays.
Last edited by Cutaway on Thu Dec 21, 2006 10:45 am, edited 1 time in total.
Go forth and do good things,
Cutaway
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Dec 21, 2006 11:31 am

Re: CEH 5 Review on professional securitytesters.org

I read the article and it's not a new argument. I have seen the same statements made against the CEH consistently. I am not currently CEH certified but I have read through the CEH v5 courseware and lab manual.

I've also asked about the tools involved on the test in comparison to what's printed in the courseware and haven't really received a clear response.

Here's my personal opinion on the matter...

I think there are far too many people out there that expect to be hand-fed information on a silver platter and then think they're going to turn into a "super hacker" overnight just by reading this courseware. The courseware does a good job explaining various topics and how they work from a technical perspective. Then they throw a bunch of tools at you and give a *very brief* description of most of them (probably taken directly from the 'about' on the homepage of the tool). A couple of tools they explain a little more in detail (ex: nmap covers the different switches and what they do).

Now, I don't have my v4.1 anymore to compare to, but I did flip through that, and I can say that the lab manual for v5 seems to a bit more useful than 4.1. I've not gone through the entire lab manual yet, but so far it walks you through installing certain tools and may or may not give you a quick statement of what it does. For the most part, it's up to you to play around with the tool and see what all functions it has.

In the courseware they go over the CEH hacking methodology and explain the steps. Tools that can be used for each step are listed. At that point it's up to the reader to learn the ins-and-outs of the tool. Yes, there is a ridiculous amount of tools listed throughout the courseware. In a training class, hopefully the instructors will point out the important ones and go into what detail they believe needs to be taught. And that's where the difference comes in from studying on your own to taking a training course. Basically what it comes down to is how you want to learn. If you're very interested and you really want to learn, you will. If you want someone to give you a quick run-down of certain things, and then you expect to be an expert from that.. well good luck. All in all... practice, practice, practice, then practice some more. The more familiar and experienced you get with any tools, the better understanding you'll have of which ones to use, which are better to use when and so forth.

Anyway, that's my 2 cents hope it helps... someone. Best of luck :)
<<

LSOChris

Post Thu Dec 21, 2006 6:02 pm

Re: CEH 5 Review on professional securitytesters.org

venom77 wrote:

I think there are far too many people out there that expect to be hand-fed information on a silver platter and then think they're going to turn into a "super hacker" overnight just by reading this courseware. The courseware does a good job explaining various topics and how they work from a technical perspective. Then they throw a bunch of tools at you and give a *very brief* description of most of them (probably taken directly from the 'about' on the homepage of the tool). A couple of tools they explain a little more in detail (ex: nmap covers the different switches and what they do).




i'll second that comment.  i dont think focusing entirely on the tools is that great but i'll say this in defense of the courseware.   you are expected to already have an understanding of networking and expected to have some background already in networking & sys admin.  maybe, and i'm just throwing this out there, i can give you 10 different packet manipulation tools to talk about and play with because i already expect you to understand OSI layers, TCP, UDP, what an ICMP packet looks like, TCP packet looks like, etc...

if you dont understand basic networking or the underlying reason some of these tools do what they do and why; maybe you dont have the required background for the course?

of course if this is true:

"This version seems once again focused on tools without any regards to where the tool should be use, what the tool does, what packets it sends, and where it would be use. "

then there are probably some gaps in the material.
Last edited by LSOChris on Thu Dec 21, 2006 6:05 pm, edited 1 time in total.
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Thu Dec 21, 2006 9:48 pm

Re: CEH 5 Review on professional securitytesters.org

After reading the article, it made me realize that you definitely have to create a list (with description) of all the tools mentioned in the CEH v5 courseware and memorize them in order to pass the exam. Wow, this is going to take me while to compile this list. EC-Council should at least provide students a mini review guide of tools if it's so important for the exam, I mean,  why do we have to go to all this trouble after paying around 400 to 500 dollars for the courseware.
Security+, OSCP, CEH
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Dec 22, 2006 9:04 am

Re: CEH 5 Review on professional securitytesters.org

ChrisG wrote:of course if this is true:

"This version seems once again focused on tools without any regards to where the tool should be use, what the tool does, what packets it sends, and where it would be use. "

then there are probably some gaps in the material.


With that statement made by the author, I'm somewhat curious as to whether they read the actual material, or just flipped through the pages and randomly looked at pages with tools listed. If you do that, then no doubt you will be overwhelmed by the amount of tools and lack of explanation on tool pages. However, the courseware goes through the different stages of the ethical hacking process and they explain what the purpose of each stage is, then list tools for that stage. To me, that should pretty much tell you where the tool should be used and probably a good idea of what it does. Past that, it's up to you to try out the tool and learn its specifics. Would a little more information be helpful? Of course it would. Is it completely necessary? No, the reader should have the capability to figure some things out for themselves.
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Fri Dec 22, 2006 3:08 pm

Re: CEH 5 Review on professional securitytesters.org

Less Tools + More Methodology + Real World Scenarios = Better Exam

Teaching 500 tools is completely retarded when you never use that many. I would rather get indepth coverage of the SANS Top 20 tools like nmap, tcpdump, nessus, metasploit, kismet, etc then simply learn the name and general purpose of something you will never use except to pass the exam. The bottom line is that tools change too frequently while hacking methodology is tested and true.

I think spoon feeding somebody a tool is like giving them a fish. While showing them why the system/application is insecure is like teaching them to fish.
<<

Kev

Post Fri Dec 22, 2006 8:51 pm

Re: CEH 5 Review on professional securitytesters.org

Actually they don’t even try and teach 500 tools but merely expose their existence. That might be the biggest weakness of it all. To me, the proper way would be to instruct someone on the Insecure.org top 100 network security tools. Being familiar with them is a must I believe if you want to be a professional pentester.  But I would also expose quickly all the tools out there, just so the pentester at least has heard of them. In other words, I think both methods are important.

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software