Looking for a more hands-on technical Network Security cert

SMiKE03 Posts: 6, Member
Little background, I've been doing IT support for a while now and have more than capped my abilities here. I've only been interested in InfoSec and am basically just waiting for an FTE position to open. I have my Sec+ and am taking my CEH (I know GPEN and OSCP are more highly regarded, but wanted the basics first). I enjoy more technical and practical courses rather than learning just the theory.

My question is, I want to study a more defensive-based cert that is technical and hands-on. I was looking at that ECSA, but I know EC-Council doesn't have the best reputation. Any suggestions?


Thank you!

Comments

  • NetworkNewb (They are watching you) Posts: 3,133, Member
    Wireshark Certified Network Analyst (WCNA)... GIAC Certified Intrusion Analyst (GCIA)... There is a Qualys certification out there... Could go down the Cisco security path...

    There are other SANS courses as well depending on what topic you are specifically looking into.
  • SMiKE03 Posts: 6, Member
    Awesome, I'll check those out. I thought about CCNA Security, was just kind of thinking of studying a more vendor neutral topic. Just really wanted a more practical and technical cert. I can study theory all day, but without being able to apply it, I don't think it does that good for me. Still have a long ways to go, and don't want to over certify myself until I get more experience, but I want to keep learning.
  • soccarplayer29 (Senior Member) Posts: 229, Member
    How about eLearnSecurity (eLS) Practical Network Defense (PND) (https://www.elearnsecurity.com/course/practical_network_defense)?

    eLS is popular with the eJPT and eCPPT courses but the others don't get as much attention. Looks like it covers the theory but also has 10 labs so you get some hands-on technical experience also. It isn't as recognized as other certs but if you're in it for the knowledge then it might be a good option.

    A specific SANS course you might be interested in is the GCIH or GCED.
    Certs: CISSP, CISA, PMP
  • 636-555-3226 Posts: 976, Member
    Certs are good for the basics, but even most SANS courses don't go deep. If you want to go deep, you're going to need to download and learn to use the tools themselves. If you want defensive hands-on skills (without a cert), download and install Security Onion at home. Run some VMs (with torrented pirated Windows that are likely pre-infected with something), and infect the heck out of them to create lots of malicious traffic going in & out of your house.

    If I'm hiring for a defensive security position and you've had Security Onion running in your house for the past year and have been doing your own incident response with that kind of stuff, major double extra super bonus points. Much better even than any SANS or Offensive Security certs since it shows you've got major hands-on technical chops and can start contributing to my department from the first hour you walk in the door.

    Then get that new job and make them pay $6k for your SANS classes.
  • johndoee Posts: 115, Member
    > Certs are good for the basics, but even most SANS courses don't go deep. If you want to go deep, you're going to need to download and learn to use the tools themselves. If you want defensive hands-on skills (without a cert), download and install Security Onion at home. Run some VMs (with torrented pirated Windows that are likely pre-infected with something), and infect the heck out of them to create lots of malicious traffic going in & out of your house.
    >
    > If I'm hiring for a defensive security position and you've had Security Onion running in your house for the past year and have been doing your own incident response with that kind of stuff, major double extra super bonus points. Much better even than any SANS or Offensive Security certs since it shows you've got major hands-on technical chops and can start contributing to my department from the first hour you walk in the door.
    >
    > Then get that new job and make them pay $6k for your SANS classes.

    So, tell him to do something illegal? Interesting thought process.
  • Moldygr33nb3an Posts: 241, Member
    You can get Windows VMs from Microsoft for free. They only last like 90 days, but just make sure you take a snapshot so you can revert back after the 90 days or if you brick the VM.
    Current: OSCP

    Next: CCNP (R&S and Sec)

  • 636-555-3226 Posts: 976, Member
    The idea behind downloading a torrented, pirated Windows is to get something that you know is likely infected and then begin going through standard infosec motions. I absolutely do not condone or encourage using pirated or bootleg software for normal, day-to-day use, but in terms of learning computer forensics and incident response, it's quite useful. I know quite a few people who brush up on IR, forensics, and malware reverse-engineering by downloading pirated OSs, software and keygen/patching programs from very shady sites and then seeing exactly how the bad guys booby-trapped them.

    Yes, you can get free, clean versions of Windows from Microsoft (and we use them here for some of our labs), but they're not going to help you with IR, forensics, or malware reverse-engineering by default out of the box.
  • SteveLavoie Posts: 572, Member
    One part of my business is a computer repair shop that mostly disinfects PCs from all kinds of malware. It was the perfect source of malware **** :)