HELP

I just started attending the CEH course, an i must say my jaw droped when i saw the SIZE of the official coursework books. I have the official review guide and the exam cram book. Are these two books a good source to study for the exam. Any good practice tests available? I was considering boson personally. I also purchased CBT nuggets. Any info re this matter is appreciated as I drought anyone can pass this exam with a bootcamp course unless there gods in the subject (which im not unfortunately)

Find more posts tagged with

Comments

sexion8

dredlord wrote:

I just started attending the CEH course, an i must say my jaw droped when i saw the SIZE of the official coursework books. I have the official review guide and the exam cram book. Are these two books a good source to study for the exam. Any good practice tests available? I was considering boson personally. I also purchased CBT Nuggets. Any info re this matter is appreciated as I drought anyone can pass this exam with a bootcamp course unless there gods in the subject (which im not unfortunately)

Here are my two cents on this matter... The textbooks given by EC-Council consist of a lot of bloated material - screen shots of tools, syntaxes of tools. The best way to work around this is to understand the concepts of modules and the most commonly used tool(s) for each module.

My advice would be to play with the tools for some time before taking the exam. Understand which tool does what, why, how and when is it best to use each specific tool. Don't be overwhelmed by the amount of tools in each module, consume yourself in understanding the main tools for each module. I don't want to give away the gist of the exam besides, NDA, etc., so all I can advise is understanding the concept of each module, and core tools used in each module.

On to rambling... Why the C|EH? What is it you anticipate from the course. If its for the sole sake of certifying, you're going to be disappointed. If its for the sake of truly understanding and learning the industry, then begin in the same method as you were studying for the CCNA. Understand the protocols from the ground up. Understanding intercommunications between sockets, and how the technology in each module communicates on the OSI layer.

For example, if you intend on say enumerating a host, would you use Wikto, NMAP or NSAuditor? Why. What if you knew the server you were enumerating was a website and that's all you were concerned with, which tool would be best?

My thoughts on the exam is that it was filled with bloat and old tools. I took the exam having over 10 years experience so I sort of slept through the class and even taught a majority of the others on the true uses of certain tools. A tool I created is used in the exam and many of the tools used in the exam were created by individuals I know - so I had vast experience with their syntax and usage.

The concept of the exam is on point however, as with the saying of the CISSP - mile wide, inch deep. If you intend on pursuing penetration testing as a career, then check out the OSCP, OPST, GPEN exams which offer a lot more information, core theories and real world scenarios. If you intend on taking the exam for the sake of "look at me" then consume yourself with utterly useless information on old tools. Good luck.

As for study material, you are your own study material. Download any Linux based distribution - or Backtrack since it is referenced, load up the tools you see in the books and try them out. Use them over and over to the extent that if you're asked to do an nmap null scan on ports 22, 80, 135 using decoy hosts, you can fire off the syntax in your mind.

PS... I recently answered something similar to this you may want to check out... http://marc.info/?l=pen-test&m=122141753415974&w=2[/b]

rbutturini

Those books are USELESS!!!!!!!!!!!!!!! If you want to have study material that's not just exploring on your own (which is still my favorite way to learn) grab the CBT Nuggets. Also, the DE-ICE.net live hacking CDs are a great way to hone your skills in some of the exam areas.

dynamik

Ok, I laughed at "script kiddiot".

Sexion, you need to write a massive post, so we can make it a sticky and just refer to people to that. I think this is the third huge CEH post I've seen from you in the last week or two. I've enjoyed hearing about your thoughts and experiences. Thanks!

Rbutturini, how did you feel about the value of the CBT Nuggets? Those are insanely expensive compared to their other series. I'm going to try to snag a streaming subscription and hit those up then. I don't think I could justify it otherwise. James does a great job with the MS CBTs, and I've been wanting to check out his CEH series.

sexion8

dynamik wrote:

Sexion, you need to write a massive post, so we can make it a sticky and just refer to people to that.

Sorry, I'd hate to step on toes as Keatron moderates this thread. I don't mind doing one, but alas, I have no permissions to do so you know... Should Keatron chime in, I'd make a detailed one

dynamik

That was intended to be more of a compliment than an actual demand.

(Although it would probably save you some time in the long run if you plan on continuing to make these large, detailed posts)

However, I think it's safe to say that no one is going to be offended by contributions from knowledgeable and experienced members. I unfortunately cannot guarantee sticky status though, so proceed at your own risk

zen master

sexion8 wrote:

As for study material, you are your own study material. Download any Linux based distribution - or Backtrack since it is referenced, load up the tools you see in the books and try them out. Use them over and over to the extent that if you're asked to do an nmap null scan on ports 22, 80, 135 using decoy hosts, you can fire off the syntax in your mind.

PS... I recently answered something similar to this you may want to check out... http://marc.info/?l=pen-test&m=122141753415974&w=2[/b]

Just curious, what are your thoughts on the Backtrack vs. nubuntu debate? I've played around with nubuntu and it seems pretty good, but I haven't used Backtrack yet. Is one vastly superior to the other, or are they reasonable substitutes one for the other?

sexion8

zen master wrote:

sexion8 wrote:

Just curious, what are your thoughts on the Backtrack vs. nubuntu debate? I've played around with nubuntu and it seems pretty good, but I haven't used Backtrack yet. Is one vastly superior to the other, or are they reasonable substitutes one for the other?

I personally haven't tried nubuntu so I can't make a judgement, aside from that, I generally dislike the *buntu distributions period. I started using NetBSD for my personal operating system when 1.0 came out circa 1995. Moved over to all sorts of variations Open, Free, over to Linux (slackware, etc.).

For me... I have my own mini distro similar to BT in design however, I have tools I created on my own and substitutes for many common tools, e.g., scanrand, firewalk, nemesis, a slew of voip tools since I work at a VoIP carrier and have been doing more VoIP security... screenshot: http://www.infiltrated.net/shogundistro.jpg I also have a variety of OWASP related tools and some commercial ones as well, Cenzic, Webinspect, etc.

I figured making my own was the best route to go since I found using my own methodologies for testing was easier and more practical then most of the offerings I've seen from other "pentesters". Being around the block for a while exposed me to some truly smart individuals who I've learned a lot from. I learned a long time ago, its not about the tools, its about implementation, knowledge, etc., some tools are priceless, others are worthless. I keep iterating the need to learn things from the core, the reasoning behind this is, can you perform a pentest WITHOUT common tools? I can using curl, wget, links, perl and ruby. You may at some point find yourself in a position where tools won't be available, would you know how to pull it off without tools? Learning the core concepts is vital if you seriously want to be the best at penetration testing/hacking.

dredlord

Thanks for the posts they were very informative

rbutturini

dynamik wrote:

Ok, I laughed at "script kiddiot".

Rbutturini, how did you feel about the value of the CBT Nuggets? Those are insanely expensive compared to their other series. I'm going to try to snag a streaming subscription and hit those up then. I don't think I could justify it otherwise. James does a great job with the MS CBTs, and I've been wanting to check out his CEH series.

Sorry for not getting back to this sooner, the job has had me quite tied up the past few days.I really enjoyed the CBT nuggets material! It had a lot of good information and the instructor was really fun. It covered the exam quite well.

rbutturini

zen master wrote:

sexion8 wrote:

As for study material, you are your own study material. Download any Linux based distribution - or Backtrack since it is referenced, load up the tools you see in the books and try them out. Use them over and over to the extent that if you're asked to do an nmap null scan on ports 22, 80, 135 using decoy hosts, you can fire off the syntax in your mind.

PS... I recently answered something similar to this you may want to check out... http://marc.info/?l=pen-test&m=122141753415974&w=2[/b]

Just curious, what are your thoughts on the Backtrack vs. nubuntu debate? I've played around with nubuntu and it seems pretty good, but I haven't used Backtrack yet. Is one vastly superior to the other, or are they reasonable substitutes one for the other?

nUbuntu is easier to install extra tools on, but Backtrack is still the king, especially with all the stuff included in version 3. If there's something you need, it's most likely in Backtrack.

sexion8

rbutturini wrote:

Backtrack is still the king, especially with all the stuff included in version 3.

My personal distro can give BT a run for its money. Its loaded with OWASP tools, VoIP tools, heavy networking tools many which aren't publicly available. Its based off of Linux Mint (Debian edition), has a bootable USB with an optional USB switchblade to go distro on it as well. I have it running Wine with some pretty cool Windows forensics tools on it. I thought about releasing it, but don't have the time to make a full blown distro. Besides that, a lot of friends I know would be pretty ticked off at disclosing personal tools so I respect their wishes.

Its not difficult to make your own distro similar to BT, in fact you can take BT and continue to load MORE tools onto it. For me, it was easier to streamline something for myself (one size doesn't fit all). I removed all the stuff I don't need for space constraints, man pages, help docs, stuff I wouldn't read. Tweaked the kernel up.. Its a nice project to get into if you have the time and patience.

For those doing application testing, I suggest heading over to OWASP (www.owasp.org). Those doing VoIP testing, head over to VOIPSA (www.voipsa.org). There are a number of sites outside of the typical milw0rm which have some pretty cool tools to be discovered. HackingVoIP.com is another.

darkerosxx

Did you end up taking the exam, Dred?