The Value of a (Ethical Hacker) Certification

Ok, I admit it. I have totally slacked off on getting that CEH certification. I’ve had the boot camp, I’ve amassed lots of great books and resources, I’ve even talked to some people who have passed it, but I still haven’t been consistent about studying. For a while I was pretty consistent. I read the Official Study Guide and started working on an Unofficial one.

Why don’t I have that cert yet? I suppose I just don’t feel I have a reason to have it. It would just be for show because I don’t really do pen testing. ’d like to, but in my job, I don’t usually have the opportunity to do it or reason to do it. I’ve already got the CISSP so I don’t need the CEH for some kind of prestige. Many hackers piss on certifications they are not impressed with them and are willing hurt anyone who flashes the credentials. The CISSP trumps most certification. The only real benefit for me getting it is that it would force me to get more familiar with tools like netcat and Snort which I don’t use enough. I am interested in cyber kung fu. Lately, I have been more drawn to the scientific and mathematical side of technology.. the side where the innovation are born, not just mastered. I’ve been sharpening up my math skills and plan on getting into Computer Science, Electrical Engineering or physics.

I haven’t decided whether I want to take the CEH because I want to do something that has more depth. I suppose I could complete the CEH, go through Computer Science and specialize in security/crypto/info assurance and follow in the foot steps of Bruce Schneier and Steve Gibson. In the beginning, certifications were definitely a step up, but I’m in a place now where they are just ornaments, flashy bobbles I could decorate my name with when I need an ego boost. If my wife and kids are giving me lip I can say, “don’t you know I am a CISSP, A+, B, C, D, E, F, G. You MUST respect my awesome test taking ability!”

I’ve said it before, I think certifications can be of great value. If you work for the Department of Defense in IT you pretty much MUST have one (per DoD 8570). Certifications can give you that extra edge against competing employees in the private sector. Problem arise when the IT certifications value is taken out of context. Like the 8570 which makes it mandatory to have a certain certification regardless of your experience and/or degrees. That is a bit much. Not everyone who passes the CISSP can configure a firewall properly. But perhaps thats the reason the DoD wants system specific certification.

Popularity: 2% [?]

Legal Hacking Cases

The official Certified Ethical Hacking course material identifies three types of hackers:

Black Hats: criminal hackers

Grey Hats: hackers that find exploits because they want to (not for good or bad intentions)

White Hats: hired penetration testers

The media and many parts of the information security profession lumps all ‘hackers’ into one big box labeled “criminals”.  I used to think this way as well until I went to Defcon.  It was a real eye opener.  I saw hackers who want to do something good for the consumners.  I saw several government agencies attempting to hire the best and brightest hackers and of course, I saw hackers that may very well have been working on the darkside.  The point is that “hacking” itself is the just a technique to find, and exploit weakness in a given system.  It is not intrinsically evil.  Hacking is just a method, the intent of the user determines whether or not there is a adverse effect on individuals, organizations or a given society.

Contrary to popular conservative/traditional beliefs the world is not black and white.  There are cases in which hacking is legal.  Just take a look at these legal hacking cases:

Ethical Hacking.  Involves getting formal permission from the “target” prior to hacking.

Hackthissite.  Hack this site is one of many sites that allow users to freely hack their way in.  This is done for fun, for learning or just for the heck of it.  Typically, there are rules and guidelines that are create so that the user and the host can benefit from the learning experience. 

Reverse Engineering is Legal.  Cases of reverse engineering have been deemed as legal in the U.S. in many other industries.  The legalities for reverse engineering software are still being shaped by a new breed of cases. 

1999-2002: DVD Copy Control Association (DVD-CCA) vs. Bunner, et al.  The DVD-CCA attempts to sue anyone distributing a descrambler software that was created by reverse engineering their product.  They even attempt to sue anyone linking to sites giving out the descrambler.  initial case 2 | eef involvement |  Bunner and other won the case  *note: there were not even the ones who reverse engineered the product

The attempt to Legalize Intrusions for Corporations.  In 2002, Rep. Howard Berman (D-Calif) tried to pass a law called the Peer to Peer Privacy Prevention Act (2002) which would have created section 514 of U.S.C 17 Chapt 5 allowing companies to legally hack into computers to find pirated software and intellectual property and use that information in a court of law against the assailant.  Article on Peer to Peer Prevention Act

 

 

Popularity: 2% [?]

Ethical Hacking Official Course Material (Book)

As of July 2007, the official course material book on Ethical Hacking is going for $5 on Amazon.  The cover price is $70 in the US and over $100 in Canada.  This should tell you a lot about what people feel about this book.

The hate for this book is so profound that it makes me laugh.

Here are a few comments:

“I know this has been said but it really needs emphasis. This is perhaps the most poorly written and presented compilation of misinformation I have seen since the 5th grade.”

“If the author of this book isn’t going to take the time to correct the misspellings and grammar issues, that speaks volumes about the quality of the content.”

” The EC-Council has a great CUT and Paste method of publishing a book, they don’t even list the Author.”

“I agree with all the negative comments. This book is poorly written.”

It touches on all of the modules of the test, its just that there are so many issues with the way it is put together.  Its almost as if the EC Council had a week to put something together so they gathered all there slides and copied and pasted them in this book then expanded on each slide.

One of the Amazon readers put it well:

Here are a few notable indicators of the quality of the book:

* There is no reference section or bibliography and there are only a couple references made to outside works. Most of which is the legislation they quote and a couple quotes from notable manufacturers.
* They do not cite any of their quotes correctly. The closest they get is, “A quote from the Internet says…” or “(Reference: Cryptography FAQs published on the World Wide Web)” No web site, date or proper credit is ever given. I’m suprised they actually listed the URLs for the tools they discuss.
* The table of contents is very high level, there is no table of figures, or table of tables. There is also no index or list of terms.
* They attempt to redefine established industry terms in their own style, often incorrectly or in contradiction to earlier statements.
* As noted in previous reviews, grammar, spelling and typos are prevalent throughout the book. Most notably is the pres ence of sp aces in the midd le of wo rds.

When course material is this bad, it is very hard to take the certification seriously.

Popularity: 2% [?]

Certified Ethical Hacker Exam Prep (amazon review)

Found a good review of Mike Greggs book, Certified Ethical Hacker Exam Prep from Amazon reviewer, N. Rossino (NY) :

The previous poster did bring up a good point: this book will not teach you how to hack. It WILL help you pass the CEH exam. It lays a very good foundation, and the only reason I give it 4 stars was because it was lacking the detail and depth to be fully comprehensive.

Keep in mind, that this book is meant for people who do have an administration background and who happen to be pretty familiar with Linux and Windows. The book is written for that group of people because without that experience, you probably won’t have the experience necessary to be a CEH.

I happen to read all 3 books for the CEH that are listed on Amazon. The Sybex book, the EC-council book, and this book. By far, this book was the best out of the 3. The Sybex book was a waste of money as it wasn’t as good as this book and it had even less depth. The EC-council book had a bit more detail in some topics, although it lacked cohesion and was poor at presenting the thought behind it. I think this book and the EC-council book compliment each other, and give you a pretty good idea of what you actually need to know. I would start with this book and finish up with the EC-council book and/or courseware. My reasoning is that you should set the foundation first and this book does that.

Also, as with hacking, google is an excellent resource. These two books won’t be enough to fill all the holes, but the internet is a damned good filler.

In conclusion this book provides for pretty good preparation for the actual test, and is a comfortable read.

ABOUT THE TEST:

150 questions, you have 4 hours. I took only 2 and scored an 86%. 70% is passing. I studied for only two weeks, but have extensive background in the subject area.

The test is very specific, and you are expected to know the material in detail - NOT just concepts. The test is geared towards people with security experience, and the test questions are true to that purpose. It will be very difficult to pass if you:
1) Don’t know linux
2) Don’t understand Microsoft’s OS and operations
3) never actually used any of the hacking tools

Linux is not a MAJOR part of the test, but there are enough questions on linux command line operations to make a difference.

Keep in mind, just reading alone will not let you pass this test. It is very important that you try out the most popular and important tools (firsthand!). You will be asked about specific commands, and be expected to know them. Know nmap, snort, hping2, tracert and tcpdump down cold. Know the ICMP codes and types. The only way you learn this stuff is to actually practice it.

Popularity: 3% [?]

SC Magazine Awards 2007: Training Camp listed

Training Camp has been named a finalist in the SC Magazine Awards 2007 for the Best Professional Training Program category. According to SC Magazine, programs in this category are defined as those geared toward strengthening the expertise of IT security professionals, that provide educational programs, continued learning and certifications. 

Contact me to find out more about our award-nominated IT security Training Camps and why they’re the best of the best. Our IT security camps include:

-Official (ISC)² CISSP
-Official (ISC)² ISSEP
-Official (ISC)² SSCP
-Certified Ethical Hacker
-Forensics
-Licensed Penetration Tester
-CompTIA Security+
-CISA
-CISM

Popularity: 3% [?]

What is a Hacker?

“A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom, and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. A hacker is someone who experiments with the limitations of systems for intellectual curiosity.”
The above is a quote from crypto living legend Bruce Shneier’s book, Beyond Fear.  This is exactly how I feel about hacking.  Hacking is a major asset to Information System Security… if fact is THEE only real asset.  I’ve had arguements with some of my peers about this.  Information Security Pro vs. Hacker.  If the typical information system security pro doesn’t get smart on hacking (security/programming) techniques, security will continue to be a losing battle.  Cyber criminals have no problem learning the latest exploits, they have no boundaries and this gives them a “superpower” against security professionals.  Some Information security professionals, on the otherhand, restrict themselves by categorizing hacking as bad.  They see it as unethical and not responsible. 

It is unethical and not responsible to NOT know hacking techniques that might exploit a customers system.

Thanks for the post Bruce.  I hope you will make another appearance at the Defcon. 
read more | digg story

Popularity: 4% [?]

Intricate Steps of How to Hack Into a Computer

Here is a huge map that pretty much shows you all possible ways to gain entrance into a system. From finding exploits and scanning ports to password cracking. It shows all the likely paths you can take to hack into a computer and/or test out it’s security.

read more | digg story

Popularity: 3% [?]

Former Pentester of FBI, hacks the FBI

This case is not the same as the Department of Veteran Affairs loss of records or the Department of Agricultures security failures.  In this case, a contracting consultant conducted a penetration test with out getting formal approval.  He expoited the FBI's vulnerabilities to gain elevated privledges.

Joseph Thomas Colon, 28, is a former employee of BAE Systems.  His pentest allowed him to obtain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.  According to Colon, the FBI field office in Springfield, Ill., he was attached to gave him approval.

However, every professional pentester and/or ethical hackers knows that you have to get formal approval from an authority. 

Colon's lawyer said in a court filing that his client was hired to work on the FBI's “Trilogy” computer system but became frustrated over “bureaucratic” obstacles, such as obtaining written authorization from the FBI's Washington headquarters for “routine” matters such as adding a printer or moving a new computer onto the system. 

As a result, Mr. Colon will likely serve about 18 months in prison. :(…

Pentesting and ethical hacking tools and techniques must be dealt with responsibly.  The bureacracies that might allow pentesting must be respected at all costs.  The first thing in Pentesting and ethical hacking that is taught is to ALWAYs, ALWAYS, ALWAYS get writen consent to procede from the owners of the system.

 

Popularity: 5% [?]

Review: Certified Ethical Hacker (CEH) via Self Study

In his latest column for EH-Net, wireless hacking guru, Dan Hoffman, offers up his experience of attaining the CEH credential. Great read with fantastic advice for all you budding ethical hackers out there.

read more | digg story

Popularity: 3% [?]

Certified Ethical Hacker Cert and Certified Pen Testing Expert

I'm going to go for the Certified Ethical Hacker Cert and eventually the Certified Pen Testing Expert Certification.  That is the direction that I'd like to go with my Information Security Career. 

As of right now, I have a CISSP.  I do a lot of Security Testing Evaluations and Authorization Agreement, Security Policy type work.  It pays well but I think Pen Testing would be more fun.  After getting the CISSP, I seriously considered going after the ISSEP, Information System Security Engineering Professional cert, which I heard was harder than the CISSP… I don't see how that is possible.

The CEH is a 125 question test that I've heard mixed reviews about.  I've taken the bootcamp and I love the material.  Its all hardcore hacking.  Not simply how to use Cane & Abel or NMap but how to code malware with notepad, methods of SQL injection, and firewall attacks.  I learned a lot.  It also scared the piss out of me.  If your already a hacker or hardcore pent tester than the class would be nothing more than a refresher.  Intermediates with pentesting will have a real treat.  Beginers will be decapitated.

I guess CPTE, Certified Pen Testing Expert is the lastest one.  From what I've read, it looks like it is a step up from the CEH.  Here is some more info on the CPTE.  From what I've read the CPTE is INSANE.  It looks like a practical exam completed in the presents of a pentesting expert.  It includes SQL injections, gathering data, compiling hacker applications, and FRICKING Lockpicking… I AM NOT READY. 

Popularity: 4% [?]