Certified Ethical Hacker Certification

tntcoder · 15 Mar 2008 at 13:05

Hi,

Has anyone heard of this cert program? I put it in this forum because it looks largely linux based.

The course syllabus can be seen here: http://www.eccouncil.org/Course-Outline/Ethical Hacking and Countermeasures Course.htm

It seems quite a highly regarded cert in the security industry, Im still at uni now but would like to go into the security side of stuff, and the course just looks interesting even if i didn't end up using it for work.

Couple of questions:
- Would a non-security employer frown upon seeing the words "certified ethical hacker" on your CV if they were not familiar with the purpose of the course?

- Reckon it would be worth doing?

Thanks

Una · 15 Mar 2008 at 13:50

CLAS, CHECK and CISSP are the highest regarded certificates in the security industry in the UK at the moment. However most the guys I know with CISSP tend to just have managerial jobs, hehe.

C|EH I would say it might be worth it if your interested in going into the penetration testing area. Depends on your experience, it might be a good way for you to learn the skills. The top employees tend to ask for examples of vulnerabilities/exploits you have coded and other security software and only really experience gives that.

Any idea what area of security your looking to specialise in? I could give more guidance then.

tntcoder · 15 Mar 2008 at 14:35

Thanks, I'm interested in general security consultancy, i respect thats quite vague, things like penetration testing sound very interesting to me. For example testing a buisnesses existing setup, auditing and advising how to secure things are the kind of things i would like to get involved in, but with no work experience in that area i can only speculate really. And im guessing it would take me a fair few years of experience to get into a decent job position in that area?

I will probably finish uni with 1st in computer science, with no experience im not sure how is best to get started off in the security side of things, which is why i was considering this cert to get some skills built up. I already have a fairly good general knowledge of a lot of things in the area, but no in depth experience with the various tools such as ethereal and snort for example.

mortals · 15 Mar 2008 at 15:29

I was looking into getting the Certified Ethical Hacker Certification last year, but it seemed really expensive

russ0r · 15 Mar 2008 at 17:56

tntcoder said:
I will probably finish uni with 1st in computer science, with no experience im not sure how is best to get started off in the security side of things, which is why i was considering this cert to get some skills built up. I already have a fairly good general knowledge of a lot of things in the area, but no in depth experience with the various tools such as ethereal and snort for example.

I know a few people in IT security, and most of the stuff they know is self taught.
Why not set up a box on your network, see if you can break into it using various tools - basically just teaching yourself.
I'm no expert on networking and security but I know a fair bit just by arsing about with packet sniffers and testing my own systems for vulns etc.
Pick up exploits from sites like milw0rm & test them out on systems (your own of course), read through the code and learn how they work.
Read security blogs/news sites etc.

This will certainly help you get your foot in the door if you wanna go straight into an IT security job... Also a good starting point if you wanna take an 'ethical hacking' qualification I think.

TrX · 15 Mar 2008 at 19:47

russ0r is right,

Read, read, and read some more, test what you read on your own net. There is enough stuff out there on the internet to learn from without spending a load on the Cert..

And then when you do get round to the cert (if you decide to), you should be able to walk it.

I am planning to do one of the sec certs when I finish uni, more to just test myself that I know 'enough'

What you have described is exactly what I plan to go into after uni.

//TrX