Security Analyst

This is all about the collection of education materials, regarding security of network. It is only for IT professionals, who wanna be outstanding towards their Professional life.
 
HomeCalendarFAQSearchMemberlistUsergroupsRegisterLog in

Share | 
 

 CEH secret

View previous topic View next topic Go down 
AuthorMessage
Admin
Admin
avatar

Posts : 7
Join date : 2009-08-09
Age : 30
Location : New Delhi

PostSubject: CEH secret   Wed Jan 27, 2010 2:03 am

CEH is nothing more than a script-kiddie training. It's simply a basic security introduction training for lame system and network admins or engineers with less realworld security background. At least, those engineers can get accoustomed to the somewhat not-obsolete yet tools out there from the scene and able to realize what kind of chaos can happen from the ./ of some knowledgeable and determined intruders.

Honestly, to be able to consider thyself as some serious security personnel, he/she should have deep knowledge in C, Assembler, Perl, Python, Scriptings, various kernel developments and debugging experiences. Using a pre-compiled binary doesn't accountable for a hacker but a mere script-kiddie, and yet compiling from the source-code just make you become an advanced script-kiddie. You need to write your own tools and exploits before somebody should name themself a reasonable hacker. Breaking into the systems using ready made tools and own them would make a person just a novice script-kiddie.

A real security training should address the below issues;
* in-depth understanding of TCP/IP and individual packets
* Perl, Python, and shell scriptings
* C and Assembler coding, debuging
* Kernel developments
* deep understanding of different platforms and system architectures
* thorough understanding of different network services and behaviors
A true hacker needs many kungFOO skills to begin with

1. knowing several programming languages including multiple assemblers and C/C++
2. knowing several scripting languages, Perl, PHP, Python, batch etc.
3. medium to high level understanding of system AND CPU architecture.
4. medium to high level understanding of digital logic and timing charts (needed to really understand protocols for data transfer).
5. almost legendary understanding of debugging tools (fits with assembler).
6. some basic electronics (low level is probably enough) so you can understand evolving technology.
7. several years of experience and willing to endure bad hygiene and beard stubble while working on a problem

I would say it would take at least a full year for a serious learner to understand the proper security basics and concepts before he/she can advance further. And it would take quite sometime for him/her to be able to write shell codes and buffer overflows or at least interpret the codes correctly.

It would be very wrong for a fresh CEH to think putting DENY ANY ANY on the firewall would prevent a hacker from getting inside the network perimeter nor using the tools provided from the training would make him/her an elite hacker. Let's face the reality, a simple flaw in the underlying TCP/IP suite could cause a buffer overflow and either crash a system or provide a root shell either be it an *nix based systems (ie, including cisco, juniper, etc...) or Windows systems; while fully patched and strictly configured kernels would be difficult to break in.

The CEH programme should rename to Certified Security Tools and Automated-Script Operator with similar fancy acronym CS.Tao instead, which would make them fair. On the other hand, a real hacker would not be bother about CEH anyhow.

I would not discourage people from pursuing CEH. System admins without security concepts requires some security training anyhow to know what kind of misuse and abuse can happen from the readily available tools out there. However, they shouldn't consider themselves as they understood security completely, and instead they should further continue the studies mentioned above. And again, the word "Ethical" would be only meaningful upon how they utilize from the tools and exploits they've developed and proper disclosure to the vendors in the professional manner prior they submit to the general public.

It's just upsetting that the certification title EC-Council has given was misleading and putting many people into the wrong direction or misunderstandings about real security engineers or analysts. However, definitely this name creates a big money making scheme for EC-Council from the trainings and certification. In my opinion, for any serious security admins, I would rather suggest for the SCP programmes at least if not SANS. In combination with CISSP and CISA/M are helpful for those who already gained several years of realworld security backgrounds and willing to advance their career in the IS auditors or management levels. And I do belive my inputs here regarding CEH were just a constructive critism.
Back to top Go down
View user profile http://securityanalyst.darkbb.com
 
CEH secret
View previous topic View next topic Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Security Analyst :: Your first category :: Your first forum-
Jump to: