So you want to take the CEH ... (read on)

sexion8 Member Posts: 242
So you want to be a C|EH... What to study, what to learn, how many questions, etc.. Aside from what you may have heard about the exam, I will offer a perspective from someone who has been in the security industry for quite some time.

The C|EH is not necessarily an intro exam but certainly not at the expert level either. It is not on the same level with the OSCP (which I also possess) and has been frequently misunderstood. The C|EH exam is a beginner to mid level certification which deals with methodologies, tools and theory. The exam sadly uses many old tools in the industry however, many of these tools can sometimes be useful, but for the most part, are obsolete. All modules in the C|EH exam will be covered in the exam and however the questions come out, depend on your luck of the draw.

Let me ramble on and clarify certain key points... A certification is usually a means to get your foot in the door of a human resources department. Many HR personnel are usually non technical and will spout out any cert they've seen or heard of. When it comes to security, I've seen HR personnel look for CISM's, CISA's, CISSP's to do incident response, C|EH's, GPEN's to do CISO style work. Do not depend on a certification that much - this means you the taker and any HR person reading this.

Outside of the common mismatch - seeking a C|EH to become a CSO, another method of measurement is who the certification is coming from. While EC-Council has worked hard at marketing itself, many serious online hacking experts - and I mean white hats with hands on experience, look down on the exam. I really can't say I blame them since I was one who never cared much for certs before. Think about this cert really good before you decide to spend money. Ask yourself what are the pros and cons of spending money on this cert, will it add value, will I learn from it. How many companies are hiring C|EH's anyway?

As someone who has interviewed many individuals, certifications mean little to me. They may have meant something to my human resource department, but the second step in getting a good job is knowing your stuff period. So you made it through the top of the heap because you're xxx certified, question is, how well do you know your stuff? I'm liable to put someone on the spot and ask them questions relevant to what's on their resume. So if you stated you're a "security expert and have umpteen years experience using Slackware" one of my favorite questions is: "You're being attacked from host 1.2.3.4 how do you stop it without using a firewall?" The purpose of a question like this is to determine someone's underlying skill. You don't want to have dozens of certs and be clueless. I've dealt with many certified individuals up to the CCIE level and have corrected many, shook my head at many, and even asked which bubble gum machine they purchased their cert at. CCSP's, CCVP's, CCIE's, CISSP's, GCIH's you name it. On the flip side, I've met many certified individuals with enough clues to last a lifetime.


Research has proven that a monkey can be taught to use any tool and this is the problem with the C|EH, one too many tools, don't be a monkey, be someone who understands what they're doing. Now I can understand the need to explore and use say a handful of tools per module but the C|EH took things a step too far in choosing to include any and every tool under the sun including one I wrote called Daemonic. Their selection includes tools that are outdated, will no longer work on current operating systems and are obsolete at this point.

So what do you know? Seriously, ask yourself. What do you think you know about security? In studying for any exam, you would want to understand and know the fundamentals of all the modules listed. Not solely for the exam, but for your own sake. Without some baseline to go on, all you are doing is memorizing data, data which you can and most likely will forget in a few weeks. So you took the time to attempt to memorize everything that EC-Council gave you in a half dozen or so books which are the size of a common city telephone book. What did you *truly* learn from these books? Given they are filled with pictures of tools and their syntaxes, what do you really know about the tools and what they do other than the basics?

Enough rambling, on to studies. My personal opinion to anyone taking this exam is going to come across straightforward and enlightening to some and others may be confused by it. My intention is to not only give you advice on preparing for the C|EH exam, but to give you advice on how to go about actually learning the trade. As previously stated, a monkey can be taught on the usage of a tool... With this said, this curriculum will introduce you to security from the ground up whether you choose to understand why or how. It's likely not going to be what you wanted to hear, but it's what I feel is the proper method of learning and at the end of the road, I can guarantee you that you will learn more about the security industry from an all around perspective, regardless of the certification route you want to take, than you would solely focusing on the C|EH content.

Step One - Weeks One through Six

Go through understanding the OSI layer. Learn how protocols interconnect and communicate. Learn why and how things are the way they currently are. Although many shun the OSI layer, it is still highly referenced and straightforward. You want to not only learn the names of the OSI layer, but you want to understand the communications part of it... How it all comes together. You should - repeat SHOULD understand every single part of the OSI layer. This comes in handy across all certifications in regards to tech. If someone asks you - "At what layer of the OSI does an SQL injection occur" you should know this answer. Remember, SQL operates on the Session Layer, but is an SQL Injection attack occurring at the Session Layer or at the Application Layer? Understand the core concepts beginning with the OSI model.

http://tinyurl.com/cehOSIlayer
http://en.wikipedia.org/wiki/OSI_model

Step Two - Weeks Seven through 12

Immerse yourself in networking. Learn as much as you can on how networks interconnect. From the LAN level all the way on through. I cannot tell you how many individuals swear they understand the differences between a private LAN and a WAN. My suggestion would be to grab some of the Cisco books, my order of preference would be as follows with an explanation following...

Cisco Press:
Routing TCP/IP volume I and II
Network Security Architectures
Network Security Fundamentals
Designing for Cisco Internetwork Solutions (CCDA)

So why Cisco Press books, you're not studying for the Cisco exam... The listed books have a wealth of information with regards to common concepts, strategies in security. You will need to understand networking heavily in the security arena as computers are (drum roll) networked. Understanding routing, routing protocols will definitely help you in the long run whether you realize it or not. You will need to know how a path is taken to get to a targeted machine, you will want to understand portions of a packet when doing sniffer/network analysis. You will need to understand why one protocol might be chosen over another. Overall without a network, there is little to be compromised. Even locally (LAN anyone?).

The CCDA book will also help you understand the concept in designing a network and while you may not care for it - you can learn plenty of information that you can use in the real world... My suggestion is to get the books, study them frequently and understand the core of it all. I suggest checking out a store I use on ebay called Best Bargain Books. I've purchased books for $1.00 (US) and paid about $3.50 on shipping. http://stores.ebay.com/Best-Bargain-Books Also check out the used section at Amazon.

Step Three - Weeks Twelve through 20

You've begun to understand networking, have an understanding of OSI, now it's time to learn a thing or two about systems... Suggestion... Pick up any distro of Linux or BSD. Head over to distrowatch and select one you think would suit you. Remember, your goal is to understand an operating system... The best way is to do so hands on. My suggestion would be a variant of Redhat, either Fedora or CentOS. "But Debian so rox0rs!@" Distribution zealotry aside, the majority of corporations stick with primarily Redhat followed by SuSE on the Linux end, Free followed by Open on the BSD end, and mega corporations tend to go with a mixture of Solaris, HPUX, z/OS, Redhat, etc...

Since you want to do the C|EH narrow things down to Backtrack to speed things up. However, tinkering with different operating systems will give you experience on certain commands which will be asked on the test. You will want to learn some form of programming language at its basic in the future should you want to be an effective security professional. Don't focus on tools as you won't always be in an environment to run certain tools. Suggestion: Perl or Python period. I'll keep any programming zealotry out of this as well. Shell scripting comes in extremely handy as well so you will want to understand common shell scripts. Browse over the archives at Google Groups, see what others are doing in terms of systems administration. LSOF is your friend!

You now have Backtrack installed or perhaps are running it via a bootable CD or USB. Now what? Depending on which version you're using, BT has a decent structure for the tools directory. For example, enumeration, exploit, etc., every tool is in its respective folder. Begin tinkering with those tools on your own network/machine. Understand what they're doing, why they're doing it. You will need to know how to use specific tools on the C|EH exam. YOU WILL BE ASKED IMPLICITLY how to use X tool in X fashion, or "Based on this output, what syntax was used on tool X". Know your tools.

"But the C|EH lists umpteen thousand tools!"

Deductive reasoning can be used here. Discover which tools are most commonly used and focus on those tools. You can fool yourself into thinking you will memorize each and every tool but you will end up overloading your brain with information you won't be able to recall. Understand the concepts - remember this, I will say it over and over: There is a core concept to it all. Understand why you would want to use say decoys with a null scan. Why you wouldn't want to perform an xmas scan, what's the difference between a SYN, FIN and ACK scan? Which tool does it best? Why? DO NOT (repeat two times) waste money on any C|EH training book. The material for the exam is extremely scattered in logic. You don't want to waste study time looking at 500+ tools when perhaps 20 will be selected on the questions. Again, understand the core concepts... This is vital not only for the exam, but for yourself.

----

Now many will disagree on my method and suggestion for taking the exam but here is my logic: My writing is based on the notion that one is taking the exam for the sake of understanding and learning from a different perspective. The C|EH is not the CISSP, CISM, GPEN, OPST, OSCP and vice versa. Some may swear it's a script kiddie exam, some may shun it, others may respect it, others may not. It is nothing more than a paper stating you understand a little bit more than the average person in the use of certain security tools. You can associate tools and methods for certain technologies. Remember the monkey analogy though - a monkey + tool

Personally I enjoy the pentesting area and moved on to the OSCP exam which was actually a difficult exam to pass. There are no questions involved... Your exam? Compromise preconfigured machines using an assortment of methods. Some may be buffer overflows, some may be escalation of privileges, etc., it is a difficult exam and anyone who has taken it will tell you the same. I slept about an hour and a half throughout the entire exam which consists of getting root in a 24 hour period... Other than this bit of information, I cannot and will not disclose more... I value my OSCP more than my C|EH but it is based on a matter of preference. I wanted the CHFI (which I have) but I needed the C|EH in order to get the CHFI.

Anyhow, I hope all of my rambling didn't discourage you. I seriously hope that should you take the exam, you're actually taking it to learn something and not solely looking to whore another cert. Remember, those without a clue just end up devaluing the certification as a whole... Learn as much as you can about the core concepts of security - not just the tools. Doing so will help you with further studies, be it the CISM, CISSP, GPEN, GCIH, OPST, OPSA, NSA IAM...


Good luck
J. Oquendo | sil @{infiltrated.net || disgraced.org || tormenting.net}
OSCP, C|EH, CHFI, SGFA, SGFE

(edited to fix horrible typos)
"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius

Comments

  • shednik Member Posts: 2,005
    WOW...great post sexion, this may be a good path for me to begin once work and grad school lightens up a bit. Thanks for the write up!!
  • bwcarty Member Posts: 422
    Tagging this for later reference. Thanks for the info.
    Help eradicate blood cancers with a donation to the Leukemia & Lymphoma Society.
  • dynamik Banned Posts: 12,312
    Way to cave into peer pressure! ;)

    Excellent job
  • dynamik Banned Posts: 12,312
    Just out of curiosity, have you looked at the new v6 material at all? If so, do you feel like that has improved the quality of the exam (as far as outdated tools, etc. are concerned)?
  • sexion8 Member Posts: 242
    dynamik wrote:
    Just out of curiosity, have you looked at the new v6 material at all? If so, do you feel like that has improved the quality of the exam (as far as outdated tools, etc. are concerned)?

    Let's take a common sense, logical approach to the V6 exam... There are now 67 modules associated with the exam. According to EC-Council, you should pass this exam in 5 days taking their course from 9am - 5pm (http://www.eccouncil.org/Course-Outline/Ethical%20Hacking%20and%20Countermeasures%20Course.htm) 40 hours to cram 67 modules. 35 minutes to learn a module.

    Is this realistic? According to EC-Council's own wording: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

    This premise of offering so called practical experience is highly disturbing considering they make no mention of candidates acquiring or having any kind of experience in any field be it networking, security, nothing is mentioned.

    Continuing: Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system.

    How can a student learn how to optimally "secure a system" when they're focusing on pre-configured machines. This conveys a false sense of system expertise. A candidate should understand the systems they're operating, otherwise, what is the point. The biggest misconception about this entire course is that it will make someone a security expert. While they may have the best intentions in the creation of the exam, the expectations of a candidate truly knowing and understanding this to pass an exam after 35 minutes of teaching on each subject is insane.

    Moving on: Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

    I disagree. There is no way I can think of someone leaving this course "experienced" enough to call themselves a C|EH at its core. What this course will produce is someone with a wide array of useless knowledge. Using pre-defined tools does not make someone a hacker, monkeys can use tools. Because of the nature of the C|EH's structure, one million tools, 3/4's obsolete, I can see more security professionals snickering at the exam and the holders of the C|EH (all versions).

    Right now I'm currently in parallel studies on my own accord for the NSA IAM, CISM and OPST with my seat for the CISM confirmed via Vigilar in December. From all I've read and learned, I value my OSCP more than the C|EH and look forward to the OPST exam. It's more structured, realistic and the creators of the exam hold a lot more clout in the industry. My two cents
  • dynamik Banned Posts: 12,312
    Oh, I think nearly everyone (myself included) would agree that a 5-day course in itself is woefully inadequate when it comes to mastering the material. I was asking more about the content in general. I'm just an enthusiast at this point, so I have no idea which tools are useful, which are obsolete, etc. Do you think that they watered-down the test and made it even less valuable by adding the additional content, or did they do a decent job of cleaning up the older irrelevant content?

    I'm just looking at this to establish some sort of baseline for this type of knowledge. I'd definitely like to go for the OSCP eventually, but I feel like that's quite far from my reach at this point. I guess I see the CEH as a point between where I am now and where I'd like to end up. Ideally, I'd like to have some sort of validation along the way, to make sure I'm on the right track, if that makes sense.

    I know you mentioned you took the CEH in order to get your CHFI. Do you hold the CHFI in a higher regard, or was that just to fulfill some sort of requirement?
  • sexion8 Member Posts: 242
    dynamik wrote:
    Oh, I think nearly everyone (myself included) would agree that a 5-day course in itself is woefully inadequate when it comes to mastering the material. I was asking more about the content in general. I'm just an enthusiast at this point, so I have no idea which tools are useful, which are obsolete, etc. Do you think that they watered-down the test and made it even less valuable by adding the additional content, or did they do a decent job of cleaning up the older irrelevant content?

    I'm just looking at this to establish some sort of baseline for this type of knowledge. I'd definitely like to go for the OSCP eventually, but I feel like that's quite far from my reach at this point. I guess I see the CEH as a point between where I am now and where I'd like to end up. Ideally, I'd like to have some sort of validation along the way, to make sure I'm on the right track, if that makes sense.

    I know you mentioned you took the CEH in order to get your CHFI. Do you hold the CHFI in a higher regard, or was that just to fulfill some sort of requirement?

    The material is likely going to be a hodge podge of the same, obsolete tools. Again, the concept is on point - the more you know the better... However, the more you KNOW, not KNOW OF. I'd rather KNOW and understand cryptography than know OF cryptography. I can read a wiki entry to know of.

    If you read the initial post, I can tell you understanding the concepts of networks and operating systems is invaluable in security with regards to penetration testing, security assessments, incident response to say the least. There is no definitive cert to give you the skill set as many differ in content, concepts and methodologies. For example the dreaded mile wide inch deep association with the CISSP... At its core, it's invaluable for management horrible for technical works. Does it make it less of a cert? The OSCP is hands on pentesting, but that's all it's good for, to show you have in-depth technical knowledge. You have to be the judge of which route you're going to take, the technical one, or the managerial one...

    The CHFI... If you noticed, I speak little of it... While I did learn about laws, the same applied, umpteen thousand tools. I knew enough about the concepts and tools before I took it. I was hoping to learn more with it, but was disappointed. Not only that, I came across the CCE and wished I were able to take it (long story)... In the forensics environment, there aren't that many certs, Encase's offering only applies to Encase at the end of the day.

    I learned a lot of information on forensics years ago via systems administration, incident response and after reading countless documents from Dan Farmer and Wietse Venema (http://www.porcupine.org/forensics/) this was before Encase became some form of de facto standard... My suggested sites for this subject:

    http://www.utica.edu/academic/institutes/ecii/ijde/
    http://www.ijofcs.org/webjournal/index.php/ijofcs
    http://www.tandf.co.uk/journals/titles/01611194.asp (subscription)
    http://www.forensicfocus.com/

    I wanted the CHFI to use in regards to incident response, not necessarily for forensics. If you ask me, the material used in the CHFI is sorely lacking but you get from it what you can. You can discover a lot of information you may have overlooked, I learned a thing or two from it definitely, but I wasn't awestruck by anything in the training, material from EC-Council. I learned more on my own and having dealt with systems administration/engineering across a variety of different operating systems and understanding A+ like material (POTS, IRQ's, etc.). I enjoy network forensics which isn't really covered by anyone outside of Laura Chappell who is a friend of mine. She seriously knows her stuff so if you enjoy networking and forensics and would like to learn something challenging, check out her Wireshark University offerings. Be advised although labeled Wireshark University, she has written a book or two for Cisco Press as well as has trained federal agents.

    Anyhow, as for high regard, I don't think I would place one over the other since they all have different values. I can tell you which so far has been the most grueling was the OSCP because you truly have to understand what you're doing. Don't be fooled by its write up, there are twists come test time that had me stumped. You'd have to understand firewalls, how to potentially bypass them, system level administration skills to understand how to leverage accounts sometimes multiple times to escalate privileges. Real world SQL based injection attacks, enumeration and you just MIGHT not be able to use the tools you thought you'd use to whisk you through the exam ;)

    Right before I took my exam, I created an entirely scripted method I thought I would run to take the exam for me, e.g: if scan = this ; then do this else try this && if this fails ; try something_different and so on... Then I discovered, things don't always pan out that way. I ended up doing the compromises by hand each and every one and made my own set of tools outside of backtrack. It was fun and definitely worth taking for the experience. The OPST is the next one I think I'm going to enjoy. Pete Herzog has thrown together a well together methodology and practice behind it. I thought about GPEN, but I'm no longer a SANS fan. After reading through so many "Gold" papers filled with errors, I stopped taking it seriously - but that's just my opinion, I don't hold the GPEN so I can comment on its worth.
  • dave0212 Member Posts: 287
    dynamik wrote:
    Oh, I think nearly everyone (myself included) would agree that a 5-day course in itself is woefully inadequate when it comes to mastering the material. I was asking more about the content in general. I'm just an enthusiast at this point, so I have no idea which tools are useful, which are obsolete, etc. Do you think that they watered-down the test and made it even less valuable by adding the additional content, or did they do a decent job of cleaning up the older irrelevant content?

    +1

    I am being sent on a 5 day course for 2008, this is just so the company can start selling it as a product. I have given myself 12 weeks to go through the 70-649 syngress book and messing around with labs so I know the product before going for the exam. The course will just give me a good base before I start studying.

    P.S. Excellent post, I want to eventually move towards security and this is definitely on my list.
    This week I have achieved unprecedented levels of unverifiable productivity


    Working on
    Learning Python and OSCP
  • Turgon Banned Posts: 6,308
    This is a good post.

    From time to time I provide information to enable pen testers to carry out their work. I have to say that in the main the folks I have encountered who do pen tests are clueless to a lesser or greater degree about what they are actually doing. A lot of people moved into security work the last few years, many of them do not have the foundation skills and many of them are not prepared to put in the kind of work that is necessary to be a truly effective security specialist. They read vanilla reports on something about man in the middle attacks or arp exploits and then try to force changes through without understanding how networks and systems actually operate.

    If someone is going to advise me on hardening the networks I design or support they better know their ****. If they don't I will find out.

    There are some extremely capable security specialists but it's a full time occupation.
  • bertieb Member Posts: 1,031
    +1

    For every Keatron, there are a hundred script monkeys who turn up, power on a laptop, enter an IP or two and parse the reports into a generic document with no understanding at all. Doesn't take long to find out they know very little. Still, I guess this is similar to every role in IT (and beyond) though not just security - being an 'expert' in any field takes time, effort and dedication.
    The trouble with quotes on the internet is that you can never tell if they are genuine - Abraham Lincoln
  • chmod Member Posts: 360
    What an excellent post.
    It gives me extra motivation.
  • Satcom Member Posts: 110
    w0w <downloading bt3>
  • carboncopy Member Posts: 259
    Satcom wrote: »
    w0w <downloading bt3>

    I think you should download bt4 pre final
  • Satcom Member Posts: 110
    carboncopy wrote: »
    I think you should download bt4 pre final
    wilco bt3 has a lot of freaking tools wow
  • WannaBeHacker Member Posts: 7
    Hi,

    The first post advised 6 weeks to learn about the OSI stack. That seems to be a very long time. It is not that hard to learn. Just take a TCP/IP packet and look up all of the components and understand why they are there. Then look at an attack that uses a malformed packet and you will get a feel for what is going on. It is not that hard.

    Also, the various components listed at the various layers are not all set in stone. The wikipedia info is not always consistent with other sources on the net because the components do not always fit into nice little packages. I found this out by comparing network hardware specifications. If you focus on this too much you will get confused. Wireshark tutorials will help you to understand the protocols and their structures.

    I have read this thread and though it is long and extols the virtues of OSCP cert and other certs, it does not help me in my quest to self study for and pass the CEH exam.

    In fact after reading this thread I felt more discouraged from studying for the CEH. I really don't need that, so can one of you please point me to a forum that will help me to prepare for the CEH exam?

    I agree that there are hundreds of tools and they probably will be obsolete as soon as they become well known.
    I also agree that just learning the tools will not help anybody in the long run.

    I don't want to argue about the merits of the CEH. I just want info on how to prepare for it.

    Thank you for your help in advance.

    dave
  • shednik Member Posts: 2,005
    Hi,

    The first post advised 6 weeks to learn about the OSI stack. That seems to be a very long time. It is not that hard to learn. Just take a TCP/IP packet and look up all of the components and understand why they are there. Then look at an attack that uses a malformed packet and you will get a feel for what is going on. It is not that hard.

    Also, the various components listed at the various layers are not all set in stone. The wikipedia info is not always consistent with other sources on the net because the components do not always fit into nice little packages. I found this out by comparing network hardware specifications. If you focus on this too much you will get confused. Wireshark tutorials will help you to understand the protocols and their structures.

    I have read this thread and though it is long and extols the virtues of OSCP cert and other certs, it does not help me in my quest to self study for and pass the CEH exam.

    In fact after reading this thread I felt more discouraged from studying for the CEH. I really don't need that, so can one of you please point me to a forum that will help me to prepare for the CEH exam?

    I agree that there are hundreds of tools and they probably will be obsolete as soon as they become well known.
    I also agree that just learning the tools will not help anybody in the long run.

    I don't want to argue about the merits of the CEH. I just want info on how to prepare for it.

    Thank you for your help in advance.

    dave

    Would you prefer someone to sugar coat how the exam is? I'm not knocking the cert in any way since I haven't taken it but I know the general consensus is the cert is an entry level pen testing cert that could be improved upon. There are better ways to learn the material, but the cert is more well known than some so if you really want the cert go for it. There are others that are definitely a step above the CEH. Check out what the makers of BackTrack have to offer and see if they look more appealing to you.
  • dynamik Banned Posts: 12,312
    Uh, it's not entry-level by any means. I had to draw upon a broad range of knowledge I'd accumulated over years; a lot of which wasn't covered in the books I used to prepare. It's not applicable to the real world. You can pass it and still not know how to run a basic N.Map scan. It's theory, and some really obscure theory at that.

    I think it takes far more than six weeks to master what's contained within the OSI model. It's not just memorizing layers and which protocols operate at those layers.
  • WannaBeHacker Member Posts: 7
    Can someone please give me a pointer to where I can find others that are interested in earning the CEH cert?

    Thank you,

    Dave
  • JDMurray Admin Posts: 13,023
    Can someone please give me a pointer to where I can find others that are interested in earning the CEH cert?
    The all-knowing Google has revealed that the CEH forums at ethicalhacker.net are teeming with CEH-candidate hopefuls.
  • WannaBeHacker Member Posts: 7
    Thanks JD.

    I did a search and there were tons of hits.
    Many were a worthless waste of time becaue they were outdated, inactive, advertisements, gripe or bragging sessions.


    This one looks like it is active and informative.


    Thank you again,

    Dave
  • shednikshednik Member Posts: 2,005
    dynamik wrote: »
    Uh, it's not entry-level by any means. I had to draw upon a broad range of knowledge I'd accumulated over years; a lot of which wasn't covered in the books I used to prepare. It's not applicable to the real world. You can pass it and still not know how to run a basic Nmap scan. It's theory, and some really obscure theory at that.

    I think it takes far more than six weeks to master what's contained within the OSI model. It's not just memorizing layers and which protocols operate at those layers.

    To pen testing is what I meant as being entry level, not entry level period. Just like the CCENT is entry level to networking (not saying these are on the same level at all). You said the one criticism that has kept me from wanting to take the exam, that it's a lot of obscure theory. So that is why I recommended looking at something like the OSCP as well to get some of the practical knowledge and experience. Like JDMurray said, EHNet has numerous posts on the exam; here's a small one.

    The Ethical Hacker Network - Review: CEH Via Self Study
  • WannaBeHackerWannaBeHacker Member Posts: 7 ■□□□□□□□□□
    Thanks for the help,
    I don’t want to debate the merits of certs and the hoops that you have to jump through to get them.
    I have plenty of certs. I use the exams as my final test on the subject. I always learn a lot more when I have an exam to focus my attention. I never forget the overall principles and the where and how of how to find the answers. I am more interested in knowing what I need to know to handle the project.

    I have looked at Pen Testing and Computer Forensics certs (I can do both) that have you take a multiple choice exam then do a “take home” hands on exam.

    I don’t care for these exams because in computer forensics and pen testing there are a lot of moving parts and even from day to day the exploit opportunities are available and the next hour after an update they are not. The same with computer forensics, one day you can find residual evidence then someone creates/updates a tool to cover that evidence track.
    In my opinion by the time I go through the “take home” part of the cert, the exploit or evidence tracks are no longer available. I like to study the subject really well, master the techniques and understand the history and sources of information. I prefer to be paid for my efforts and use them when they really count for me and my client. Not take days chasing something that someone contrived that I will never see again. This is the reason why I don’t like video games, because I know that the programmer has programmed in enough time for me to shoot the bad guy and is letting me win. It is like chewing bubble gum. It tastes good, feels good and gives you something to do for a while but it does not last very long.
    In the real world nobody is letting us win, and we are not looking for evidence or a vulnerability that someone deliberately placed there for us to find. This is where the fun is!
    In my experience I have studied a subject and then three years later I was responsible for delivering a solution. Because I knew how things worked, what I needed to do, the principles involved, where to find the information, and recognized that technology had moved forward, I was able to quickly assess the situation, acquire the knowledge and deliver.
    And before someone blows a gasket, please understand that this is MY STYLE and it works for me, therefore if your path to success is different more power to you and I wish you every success with it.
    I grew up in R&D and everything is always new and obsolete very quickly, so this is how I learned to cope.

    It’s not wrong vs. right; it’s a matter of personal preferences.
    Thanks for the pointers,
    Dave
  • jumezurikejumezurike Member Posts: 33 ■■□□□□□□□□
    SEXION8,

    Thanks a million, you just changed my perspective on this exam. I thought I was ready for it. Now I have to go back to the drawing board. For one thing you are right about the non-logical nature of the certification study contents or domain. There are too many tools which are outdated or we don't know what they are really for.

    I am going to grab my book one more time. The truth is after my Sec+ I NEVER thought any security exam is a breeze.
  • jumezurikejumezurike Member Posts: 33 ■■□□□□□□□□
    I am going to take CEH on Monday (01/10/11). But I think this exam is not going to be easy. Remember, this is like defining yourself as a surgeon amongst other physicians. Man, from what sexion8 is saying, I am going to look things over for the last time.

    CEH will boost you or anyone who is pursuing a career in security. You are really going to learn how to counter the hackers. The knowledge of the OSI model will help you as you dissect or study packets in defence of a network perimeter. I think you and I are in the same boat. The truth is none will teach you anything but yourself. I am struggling but getting better day by day.

    Go to eBay and buy a CEH boot camp training CD or DVD. Good luck.
    If you can't find any just let me know, I will send it to you for a fee.
    Try learning scripting and Python too.
  • jumezurikejumezurike Member Posts: 33 ■■□□□□□□□□
    Man you are great. Keep up the good work.
  • WannaBeHackerWannaBeHacker Member Posts: 7 ■□□□□□□□□□
    I wish you the best.
    Don't get too stressed because you need a good night's rest.
    Pace yourself during the test by dividing the time into quarters and map them to the clock, then watch your time that way. Always answer the question even if you must guess and mark it for review after you have gone through the complete test. You have plenty of time. (Not like CISCO's STUPID CCNA exam)
    :D
  • kryptos80kryptos80 Member Posts: 16 ■□□□□□□□□□
    Wow, I was thinking about taking the CEH course/exam but after reading this thread, I don't think I will.

    I am a CCNP engineer with over 5 years' experience. I want to learn more about security and maybe eventually go into the security field so I'm looking for an avenue of studying. Typically I like certifications because they focus my thinking.

    I am looking at CCNA Security but it's REALLY not very helpful. It's just a bunch of AAA/VPN stuff with a concentration on SDM which I never see anyone use.

    I am really tempted to go for OSCP. I know it probably won't help my career, but if the knowledge is worth it then why not, right? Thoughts?
  • WannaBeHackerWannaBeHacker Member Posts: 7 ■□□□□□□□□□
    kryptos80

    Hi Kryptos80,

    When I mentioned the CCNA being stupid, what I was referring to was the fact that the test is not hard - it covers the usual: routers, CISCO's IOS, subnetting and such...

    It is just that it is made artificially difficult because they do not give you enough time to give much thought to the problem.

    For example you are shown 3 routers and given a description of a connection problem. Normally you would look at all router configs involved before answering. In the exam you are not given enough time to do that.

    I took the exam and passed it, but compared to Microsoft, Security+ and a bunch of others, you can fail this one not because you don't know the answer, but just because you are careful, just as you should be when messing with a live network.

    That was my 1st and last cert w/ CISCO because, in my opinion, they looked like money grabbers rather than trying to raise the standards of practice.

    Sorry if I misled you.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    kryptos80 wrote: »
    I want to learn more about security and maybe eventually go into the security field so I'm looking for an avenue of studying. Typically I like certifications because they focus my thinking.
    Yes, many people like certifications because they provide a set of objectives for learning new material, much like the syllabus in a college class, and it helps them focus on studying the cert's subjects. But you can still study for a certification just to learn the material and not take the exam. The point of going for a cert in a new area of learning is mostly to learn the material and not take/pass the exam anyway. I've already done that with a few certs and will do it with a few more.
  • holysheetmanholysheetman Member Posts: 113 ■■■□□□□□□□
    GREAT POST!

    In other news...hopefully when CEH v7.0 is released this Spring, I'll be sure to ask the administrator if the questions with the old tools are going to be removed... I am not even sure...