Certified Ethical Hacker...

Discussion in 'Other IT certifications' started by mattwest, Apr 20, 2007.

  1. mattwest

    mattwest Megabyte Poster

    514
    8
    62
    Hi Guys,

    About a month ago i went on the Certified Ethical Hacking course (CEH) and took the exam at the end. Thank fully i passed! (150 questions in up to 4 hours!!)

    Has anyone else done the CEH? What did you think?

    If anyone wants any info on this certification give me a shout and i'd be happy to share.

    If your interested in how "hackers" can footprint and attack your network it is definately useful.... although how much you might actually use day to day might be limited! :blink :D
     
    Certifications: See my signature...
    WIP: Maybe re-certify my CCNA
  2. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Hi Matt,

    Well done on the pass - that's some cert's you have!
    Please share with us any tip's other members might benefit from for this awesome cert. :thumbleft
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  3. onoski

    onoski Terabyte Poster

    3,120
    51
    154
    Well done and congratulations. On a side note where do you find the time to study for and attain these certs:D
     
    Certifications: MCSE: 2003, MCSA: 2003 Messaging, MCP, HNC BIT, ITIL Fdn V3, SDI Fdn, VCP 4 & VCP 5
    WIP: MCTS:70-236, PowerShell
  4. zimbo
    Honorary Member

    zimbo Petabyte Poster

    5,215
    99
    181
    Congrats on the new cert! Yes def want some info into this cert - eg training and books
     
    Certifications: B.Sc, MCDST & MCSA
    WIP: M.Sc - Computer Forensics
  5. BosonMichael
    Honorary Member Highly Decorated Member Award 500 Likes Award

    BosonMichael Yottabyte Poster

    19,183
    500
    414
    Congrats on the pass!
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  6. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    Congrats Mr. ETHICAL Hacker!

    edit: Just to keeps Mitz away from the duct-tape!
     
  7. Mitzs
    Honorary Member

    Mitzs Ducktape Goddess

    3,286
    85
    152

    Thats Mr ETHICAL Hacker buddy! :dry

    Congrats Matt I bet that was a very interesting course. What books did you use? In something like that do they actually have a network set up where one of you try to break in and another student trys to spot it?
     
    Certifications: Microcomputers and network specialist.
    WIP: Adobe DW, PS
  8. Theprof

    Theprof Petabyte Poster

    4,607
    83
    211
    Good stuff matt, congrats on the pass.
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  9. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Congrats mate that's a tough nut to crack, well done 8)
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  10. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    150 questions???

    Surely ye jest!

    I'm planning on taking this in about three months.

    DAMN thats a lot of questions in that space of time.

    I heard the exam was heavy on Nmap & Scanning, SQL Injection, IDS signatures and O/S footprinting - any feedback on that?
     
    Certifications: A few
    WIP: None - f*** 'em
  11. mattwest

    mattwest Megabyte Poster

    514
    8
    62
    Hi Guys,

    Well the course itself was quite interesting, i've listed below the modules in the course.

    The course for the CEH i went on was in a very intense environment. I started on a Sunday afternoon and finished the following Friday so almost 6 days. Each day we trained from 9am to 8pm (yes 11 hours!!). And we were given 3 of the modules listed below for homework to read during the evenings.

    Module 1: Ethics and Legality
    Module 2: Footprinting
    Module 3: Scanning
    Module 4: Enumeration
    Module 5: System Hacking
    Module 6: Trojans and Backdoors
    Module 7: Sniffers
    Module 8: Denial of Service
    Module 9: Social Engineering
    Module 10: Session Hijacking
    Module 11: Hacking Web Servers
    Module 12: Web Application Vulnerabilities
    Module 13: Web Based Password Cracking Techniques
    Module 14: SQL Injection
    Module 15: Hacking Wireless Networks
    Module 16: Virus and Worms
    Module 17: Novell Hacking
    Module 18: Linux Hacking
    Module 19: IDS, Firewalls and Honeypots
    Module 20: Buffer Overflows
    Module 21: Cryptography

    As you can see there was loads to fit in but the course was structured in a way that for each module there were some good labs. You actually got to install and play with lots of the tools and i came away with 4 CD's of tools to play with at my leisure :twisted:

    Its worth noting that before you can even take the class you have to sign a declaration that you wont use the knowledge or tools for an maliciuous hacking!

    To be honest i found the first half of the course the most interesting - footprinting, scanning and enumeration as i've never had the time to dable in anything like this before. Some of the later modules regarding wireless networks, social engineering etc were topics i've studied before.

    The exam is 150 questions and you have up to 4 hours to complete it. I think i managed it in just under 2 and a half hours. The pass mark is 70% and i got 73.4%, but as i was the first one in the class to do it and pass i wasn't too unhappy! 8)

    I cant really recommend any books as all the courseware was provided by the training company but i would advise anyone thining of taking it to download and have a play with some of the core tools such as NMAP, NESSUS, L0phtCrack, Ethereal, SNORT etc etc.

    You dont need to be an expert in these tools to pass the exam, however there will be some questions such as "which of the foolowing commands will target an NMAP scan at this domain" and it will list 4 commnds with various switches.

    From my point of view, not having the hacker mentality to sit for hours footprinting a network it was good to learn some of the techniques and about how much information can be gleamed about a network from simple things such as job postings or your corporate website.

    As for how i manage to do these exams, well thats something for another day but just keep on at it and always have something on the go... even if you only read half a chapter of your next certification book each lunch time during the working week you'll make slow and steady progress....

    I hope that sheds some light! :D
     
    Certifications: See my signature...
    WIP: Maybe re-certify my CCNA
  12. Notes_Bloke

    Notes_Bloke Terabyte Poster

    3,230
    54
    146
    Hi Mattwest,
    Can you give me some details of the course provider & how much it cost ? Only this is something I'm aiming to do - just need to convince the IT Manager it's worth the spend!
    Cheers
    NB:)
     
    Certifications: 70-210, 70-215, A+,N+, Security+
    WIP: MCSA
  13. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    Congrats! I'll be doing the course second week of May.
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  14. mattwest

    mattwest Megabyte Poster

    514
    8
    62
    The training provider i used was "The Training Camp". I've included a link below:

    http://www.trainingcamp.co.uk

    They have a really nice training center just outside Oxford but there are others around the country. I find their total immersion training with the exams at the end of the course really good.

    As for the price it was quite expensive at £2,500 but you might be able to haggle it a bit.... although work was paying for mine so i cant complain! :)

    Worth noting that includes accomodation, food, 5 days training and the exam + materials.... and if you fail you can re-take the course and only have to pay for accomodation and the re-take exam fee....
     
    Certifications: See my signature...
    WIP: Maybe re-certify my CCNA
  15. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Matt

    I was looking at them to provide the course for me as well but, tbh, they were so pushy after I told them that I needed to wait to get the budget that I decided (after about the fourth call in three weeks) that I would never use them for anything.

    I'm not a forgiving man when it comes to training providers, and they really shot themselves in the foot.
     
    Certifications: A few
    WIP: None - f*** 'em
  16. zimbo
    Honorary Member

    zimbo Petabyte Poster

    5,215
    99
    181
    Umm anyone want to come to cyprus?

    if i can land a summer job i can get it for £270 because of some agreement between training companies and the human resource ministry in cyprus! :biggrin
     
    Certifications: B.Sc, MCDST & MCSA
    WIP: M.Sc - Computer Forensics
  17. mrtec

    mrtec Bit Poster

    30
    0
    0


    hum possibly ( can u tell me some details?:P im interested on doing this and would be a good "holiday" with my future wife;P

    EDIT: altough this a quite old topic im still interested:P
     
    Certifications: A+
    WIP: N+, MCP
  18. Ozzy2k7

    Ozzy2k7 Nibble Poster

    87
    0
    18
    Yeah I know what you mean I'm still getting spam and the odd phone call:x
     
    WIP: A+ Network+
  19. juniper

    juniper New Member

    2
    0
    1
    Im interested in doing the CEH but I was wondering could I just take the exam without having to do
    a training course?

    Also can facilitate the exam itself? e.g. vue or prometric or someone else...

    thanks
     
  20. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Not unless you're a pen tester with about two years' worth of solid experience, or have worked in a pure security role for the same period of time. TBH, I'm not sure if the EC-Council let you take the exam without taking an accredited course first at all - take a look on their website for the requirements. Be warned, the exam covers a LOT of things - not in any great depth (except port scanning, which is extremely important for the exam) but it is very broad - 'a mile wide and an inch deep' is the phrase often used.

    The exam is only available at accredited testing centres - mine was with VUE, not sure whether Prometric do it as well, i would imagine they do.
     
    Certifications: A few
    WIP: None - f*** 'em

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.