Advice/View for course in CEH - Certified Ethical Hacker

moxa69

Junior Member
Joined
Apr 4, 2008
Messages
98
Reaction score
0
Hi,

Would like to hear you guys view about the course in CEH - Certified Ethical Hacker

Is it feasible to obtain such course in Singapore and is it value added to have such cert.

the current path is as follow which i got from on-line
* Certified Ethical Hacker (CEH)
* Computer Hacking Forensic Investigator (CHFI)
* EC-Council Certified Security Analyst (ECSA)

Many thanks
 

Ghostie

Arch-Supremacy Member
Joined
Jan 1, 2000
Messages
12,111
Reaction score
1
Frankly, do it for the knowledge. Whether or not this cert adds credit to your CV or not, only a little, and only for junior IT security positions.
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
Hello all,

Can i ask is there any other courses that one should take before CEH? mainly for beginners who are interested in this line?

many thanks =)
 

omgwtfno

Senior Member
Joined
Feb 9, 2010
Messages
599
Reaction score
0
To all who still got questions, I will agree with what Ghostie wrote.
or you can look at what i replied here.
http://forums.hardwarezone.com.sg/showpost.php?p=43932844&postcount=6

@gforcexp: Are you studying IT or CS in Poly or Diploma? If not, you would really need to do a lot reading and searching on Google b4 you can understand the basics.

But if my answers are not clear enuff. Feel free to ask more here. I'm sure there are more people out here who can offer valuable advice.
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
I got a dip in Computer Engineering in Poly. Learnt a basic for IT Security and hacking tools. but i find them really basic.

To all who still got questions, I will agree with what Ghostie wrote.
or you can look at what i replied here.
http://forums.hardwarezone.com.sg/showpost.php?p=43932844&postcount=6

@gforcexp: Are you studying IT or CS in Poly or Diploma? If not, you would really need to do a lot reading and searching on Google b4 you can understand the basics.

But if my answers are not clear enuff. Feel free to ask more here. I'm sure there are more people out here who can offer valuable advice.
 

omgwtfno

Senior Member
Joined
Feb 9, 2010
Messages
599
Reaction score
0
Likewise, the contents in CEH will be basic too.

It emphasize more on the tools they used for pen-testing.
Using such tools is just like development, we improved through practice.

Maybe in another few more weeks or months, i will start a blog with a few others teaching all the basics of IT Security if there is demand here locally.

But what are you interested in? IT Security is a very broad area.
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
Erm, my interest in actually in hacking. Maybe a Ethical hacker?


Likewise, the contents in CEH will be basic too.

It emphasize more on the tools they used for pen-testing.
Using such tools is just like development, we improved through practice.

Maybe in another few more weeks or months, i will start a blog with a few others teaching all the basics of IT Security if there is demand here locally.

But what are you interested in? IT Security is a very broad area.
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
actually i am still very noobish on IT Security.

Maybe you can enlightening me on what are the few areas in security market nowdays?
 

omgwtfno

Senior Member
Joined
Feb 9, 2010
Messages
599
Reaction score
0
actually i am still very noobish on IT Security.

Maybe you can enlightening me on what are the few areas in security market nowdays?

I can't tell you which path to take but i can tell you what are the jobs available locally.
The IT security market in overseas is different.

I'm not even sure what they teach you in Poly or Uni nowadays but my stand is still the same for anyone that i teach.
"Get Your Fundamentals Right"

Learn Safe Coding if you are into development or source code auditing like i do.
These are specialised jobs but you won't regret it cos these jobs pays higher but if something cocks up...you're the first person the fingers will point to.

Penetration Testing, as more and more companies put the information up in the internet and intranet...etc... there is a need to hire pentesters to do all the dirty work in case the system administrators missed out something that could lead to loopholes in the entire systems. It's not an easy job, you could make a lot of enemies if you are not friendly or tactful. Banks hire these people too and Banks pay quite well.

The rest are classified as niche market imho, jobs which require you to be either lucky and chance upon it or referred by friends. As these positions are very few.

Last advice, look through your past notes and ask yourself these questions:
"Do i really understand them thoroughly enough?"
"Are my self developed applications so good that they are free from bugs?"
if you answered "NO" to any of these 2, Post your questions here again if i'm available.

What they teach in schools are just touching the surface of everything.
If you ever got ideas for anything, write it down.
Remember this, "Ideas Are Premium"
:p
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
ah i see, right now i wouldnt say i understand what i learnt in poly thoroughly, if not means my result is ACEs =) but my interest will be alone IT Security line for sure. Am looking at Pen Testing. But what are the basics to that area? cause i am in NS now but i wish to borrow some books and do some self-reading but i got no idea where to start =(

I can't tell you which path to take but i can tell you what are the jobs available locally.
The IT security market in overseas is different.

I'm not even sure what they teach you in Poly or Uni nowadays but my stand is still the same for anyone that i teach.
"Get Your Fundamentals Right"

Learn Safe Coding if you are into development or source code auditing like i do.
These are specialised jobs but you won't regret it cos these jobs pays higher but if something cocks up...you're the first person the fingers will point to.

Penetration Testing, as more and more companies put the information up in the internet and intranet...etc... there is a need to hire pentesters to do all the dirty work in case the system administrators missed out something that could lead to loopholes in the entire systems. It's not an easy job, you could make a lot of enemies if you are not friendly or tactful. Banks hire these people too and Banks pay quite well.

The rest are classified as niche market imho, jobs which require you to be either lucky and chance upon it or referred by friends. As these positions are very few.

Last advice, look through your past notes and ask yourself these questions:
"Do i really understand them thoroughly enough?"
"Are my self developed applications so good that they are free from bugs?"
if you answered "NO" to any of these 2, Post your questions here again if i'm available.

What they teach in schools are just touching the surface of everything.
If you ever got ideas for anything, write it down.
Remember this, "Ideas Are Premium"
:p
 

sAVaGEmP5

Supremacy Member
Joined
Jun 27, 2002
Messages
9,970
Reaction score
1,183
dont focus too deeply in any area as u may not noe what will happen when u ORD, after ur degree etc... just do whategver that is related...

When we talk about IT security, your level must be higher than the average IT pros. Not saying anyone, but linux, cisco, development, web tech, windows core server admin must be at ur finger tips. Thats when u are ready to come into this IT line.

I remember when i was in SP, i finished reading all the books on linux/windows security available. but ur studies still important
 

e_har

Senior Member
Joined
Mar 1, 2001
Messages
718
Reaction score
0
I tend to agree with omgwtfno and a bit of what sAVaGEmP5 wrote.
In Singapore, the situation is a bit different and you do need to know a bit of everything else.

But in USA and Europe, the experts do not necessarily know everything as well.
Both places have jobs that are so specialised that they may not know everything.

Studies are very important, once you started working, you will tend to realise how impt those lessons on networking, programming, blah blah are integral to your job. And you will unlock the mystery on why is there limit to stuff and how u can raise the limit by tweaking it and so on.

Isn't great to see so many people back on IT Security SIG offering advice. :D
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
Hi, thanks for the advice.

I understand where you are coming from, IT is forever changing and changing fast!! Will try to read widely and no just on IT security.

But any books to recommand for a beginner? cause i tried to read some books from library but i didnt quite understand them.

dont focus too deeply in any area as u may not noe what will happen when u ORD, after ur degree etc... just do whategver that is related...

When we talk about IT security, your level must be higher than the average IT pros. Not saying anyone, but linux, cisco, development, web tech, windows core server admin must be at ur finger tips. Thats when u are ready to come into this IT line.

I remember when i was in SP, i finished reading all the books on linux/windows security available. but ur studies still important
 

sAVaGEmP5

Supremacy Member
Joined
Jun 27, 2002
Messages
9,970
Reaction score
1,183
That will be dangerous... if u can't understand what the books says. It means ur fundamentals isn't there...

Seriously IT security isn't changing. All the while we've been talking about stuff like passwords, networks, proper access and safe coding etc etc ...
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
I agree with you that maybe my fundamentals are nt good. but i think i got the book for not beginneers.. and that is why i am asking for recommendation of books for beginneers.


That will be dangerous... if u can't understand what the books says. It means ur fundamentals isn't there...

Seriously IT security isn't changing. All the while we've been talking about stuff like passwords, networks, proper access and safe coding etc etc ...
 

shingo1

Senior Member
Joined
Jan 1, 2000
Messages
1,375
Reaction score
0
its really hard to get a IT security role even for a junior role given no relevant experience..
even if I manage to get a cert on security, also do not guarantee a position.

i check online.. people from other countries mentioned doing a support role like sys admin / in touch with server, will get by luck 1 day involved with security work and from there develop further.. is this road / path possible in singapore?

its either a SAP do and continue or venture into security as passion but start from ground level even with degree in hand.
 

e_har

Senior Member
Joined
Mar 1, 2001
Messages
718
Reaction score
0
I agree with you that maybe my fundamentals are nt good. but i think i got the book for not beginneers.. and that is why i am asking for recommendation of books for beginneers.

There are several books which i would highly recommend but doubt some are available here:
Code: The Hidden Language of Computer Hardware and Software by Charles Petzold
This really teaches you the fundamentals, even if you go to any University...the same content here will be taught in school.

There are more books to recommend but choosing either of those will give you a different path.
The books by Bruce Schneier are excellent but i would suggest you wait for a while as he will be releasing a new copy soon.

I've recommended to our NLB on numerous books to buy with regards to IT Security, you could find some of the titles there as well.

Software Security: Building Security In
Exploiting Software: How to Break Code

These 2 will be crucial in understanding the basic terms for IT Security. If you got difficulties understanding it, then you will really need more reading. Other books to boost your fundamentals will be books on networks, it's very important for you to understand that and network programming. Only through networking books, you will know the flaws in several RFC(s).

Besides books, i would highly recommend you to download Wireshark and NMap and fiddle with it first. With wireshark, what can you see with it? Obviously a lot of stuff, but try running with no services enabled in your system....then try http and https connection with hotmail. Do you see your password in the clear?

These are all the first baby steps...if you dun take the initiative for these baby steps...you will never venture into IT Security.
 

e_har

Senior Member
Joined
Mar 1, 2001
Messages
718
Reaction score
0
its really hard to get a IT security role even for a junior role given no relevant experience..
even if I manage to get a cert on security, also do not guarantee a position.

i check online.. people from other countries mentioned doing a support role like sys admin / in touch with server, will get by luck 1 day involved with security work and from there develop further.. is this road / path possible in singapore?

its either a SAP do and continue or venture into security as passion but start from ground level even with degree in hand.

I would not say that it's really hard at all, you either need luck or skills.
But if one does not have luck, try skills. Usually luck is through referrals or sudden opening when an employee left.

But skills wise, try for Syscan or HiTB CTF. If you managed to perform well, i am sure the local authorities, Banks and IT Security related companies will take note of your performance and hire you. These are opportunities presented to you, if you miss the boat, you will have to wait another year.
 

gforcexp

Member
Joined
Jan 15, 2007
Messages
138
Reaction score
0
Thanks! will try to go along that direction.. i think i need to start reading more.! =)



There are several books which i would highly recommend but doubt some are available here:
Code: The Hidden Language of Computer Hardware and Software by Charles Petzold
This really teaches you the fundamentals, even if you go to any University...the same content here will be taught in school.

There are more books to recommend but choosing either of those will give you a different path.
The books by Bruce Schneier are excellent but i would suggest you wait for a while as he will be releasing a new copy soon.

I've recommended to our NLB on numerous books to buy with regards to IT Security, you could find some of the titles there as well.

Software Security: Building Security In
Exploiting Software: How to Break Code

These 2 will be crucial in understanding the basic terms for IT Security. If you got difficulties understanding it, then you will really need more reading. Other books to boost your fundamentals will be books on networks, it's very important for you to understand that and network programming. Only through networking books, you will know the flaws in several RFC(s).

Besides books, i would highly recommend you to download Wireshark and NMap and fiddle with it first. With wireshark, what can you see with it? Obviously a lot of stuff, but try running with no services enabled in your system....then try http and https connection with hotmail. Do you see your password in the clear?

These are all the first baby steps...if you dun take the initiative for these baby steps...you will never venture into IT Security.
 
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
Top