Tomorrow is the big day

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

After a week of intensive training and lab work, with loads of previous study, I sit for the CEH exam. There are 14 of us and we have been told that there is an average pass rate of 90% which frightens me.

I have bought a black stetson in case I don't pass first time (my revenge on CE Council and BT Training), although due to a screw up between the trainers and the cert body, we did not receive our material (officially atleast) until 3 days into the course, we have been assured that those who do not make it will get an extra day's tutorial and a resit for free.

Here's hoping to add another 14 to the hacking fraternity.

Now how much was Dixon advertising that 50" Plasma screen for?

^^ Orders already being taken Hurry up while the stocks (read 'hack') lasts

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Good luck Ogg - you must be the cleverst 1year in the world - no doubt you'll pass - it seems like you know your stuff... Good Luck Ogg

 

Good Luck!

 

Best of luck

 

Good luck mate, todays the day?

Let us know how you got on!

 

Best of luck mate. I hope to be taking the CEH one day, would you mind PM'ing me about how it is and what sort of stuff you get up to?

Kraven

 

Good luck

 

Good luck mate.

 

Best of luck!

 

Thank you to each and all for your good wishes.

The exam went quite well. We had about three hours revision before it and the tutor went through some points and explained how to take the exam. You know, like go with your first instinct; do not dwell too long or you will start doubting yourself; attempt all the easy ones first and mark the oters for review etc etc.

Anyway, after lunch we started and it took about an hour and half for 125 questions. Some were very easy that anyone who reads a computer magazine would know. Some were very very difficult like SQL log files and scanner log files, decrypting hex scan files to identify vulnerabilities etc.

On the whole, from what I have been told and read, this is one of the hardest IT certs to obtain as it is a very vast field and you really need to have an indepth knowledge of TCP/IP. Forget Net+ and CCNA. They are the introduction chapter as far as TCP/IP is concerned. I am talking about building and reading packets, wrapping them in other packets or services and passing them on. This is really serious stuff, but then thats where the fun is.

Anyone wishing to attempt this would be well advised to go on a course with some tutor who knows what he is talking about, not someone who will give you dumps or only cover exam questions. You also need to have at the very least Security+ certification and to have been working in a security role for a while. You really need to know firewalls and routers inside out.

As far as studying yourself? Forget it. You can pass with doing dumps (if you believe their answers) but will you know your stuff? Your first attempt will make the hacking fraternity fall off their chairs laughing and your second attempt will land you in jail. No joke. At best you will be a script kiddie and at worst doing porridge.

At the end of it it gives you a nice feeling, but this is only the beginning. It will take years of dedicated practice and knowledge to be a respected security specialist.

I just bought a used server - Proliant ML580 with 4 Intel Xeon processors, 2GB RAM and 4 SCSI discs to build a proper system, and along with a CISCO 2600 router and a few other machines I am going to create a domain structure to practice all I can. I will expand on this in another thread.

The last word is that it is well worth doing if you are SERIOUSLY serious about security, otherwise system admin or something similar might be more attractive.

The last last word is : None of you are safe from me.

Muhahahahahahahahaahah

 

Forgot to say,

You need to be able to 'think' in command line scripts, especially Linux.

 

Oggler,

Thanks for the indept feedback about the exam prep etc. But did you pass? I bet you probably did or else maybe you would have elaborated so well

 

I thought I had read somewhere that *part* of the exam is taking an accredited course. If that is true then no, you can't just do it on home study.

Harry.

 

The official course material consists of 26 modules in 4 manuals totalling almost 2500 A4 size pages. Then you have a 475 page Lab Manual and 8 CDs. One CD has over 300 live virus's that are doing the rounds in the wild. Also due to legal reasons books and manual will not be able to print 'insider' knowledge, That can only come from your tutor who can show it in a lab. For example, did you know that the AV co that goes by the colour 'yellow' only cover about 10% of virus's that are in the wild and they have an acceptable level of infections. That they have the signatures for loads of other malware but will not release them? It would amount to you having to doenload gigabytes of updates, so they accept the risk and if you are infected then it is tough luck. The licensing agreement that no one reads (as we click yes yes yes ok ok next next) abrogates them of any reponsibility.

You should be able to write a trojan and encapsulate it in its own application such as a game etc.

The material is really advanced. loads of subjects that need deep explanations that might be difficult to get satisfactorily from a book. I have seen manuals etc out there. I went through some CBT videos and thought that I knew it all but it is not a light topic.

If you want to study it yourself, you need to get hold of some video material, an excellent manual, a very high spec PC that can easily run atleast 5 other virtual machines (a core 2 Pentium with 3 GB RAM and 250 GB HDD should do it). You need to do the work in virtual machines or your PC will be toast. There are rootkits that work beyond the HAL. You need to write and execute rootkits that work on the graphics card chip etc. How will you be able to clean it after that? Say you have something running on your sound card, or the actual chipset of the HDD; how in God's name can you get rid of it? You can't. Your equipment is toast. No amount of reformatting will clean the chipset.

That is what I am talking about and it is not easy to get that from a book, unless you possess advanced programming and hardware knowledge including Firewalls etc.

Self study can be done, and you can pass the exam by doing loads of practice questions, but I am talking about gaining actual knowledge - hands on knowledge of things as opposed to obtaining a paper certificate.

 

A class room study of CEH counts towards the CEP (certification End Point) of CISSP.

 

Congrats!