HWZ Forums

Login Register FAQ Mark Forums Read

Advice/View for course in CEH - Certified Ethical Hacker

Share This Page
HardwareZone.com on Facebook
Reply
 
LinkBack Thread Tools
Old 15-02-2010, 08:30 PM   #16
Member
 
gforcexp's Avatar
 
Join Date: Jan 2007
Posts: 138
I agree with you that maybe my fundamentals are nt good. but i think i got the book for not beginneers.. and that is why i am asking for recommendation of books for beginneers.


That will be dangerous... if u can't understand what the books says. It means ur fundamentals isn't there...

Seriously IT security isn't changing. All the while we've been talking about stuff like passwords, networks, proper access and safe coding etc etc ...
gforcexp is offline   Reply With Quote
Old 15-02-2010, 11:49 PM   #17
Senior Member
 
Join Date: Jan 2000
Posts: 1,377
its really hard to get a IT security role even for a junior role given no relevant experience..
even if I manage to get a cert on security, also do not guarantee a position.

i check online.. people from other countries mentioned doing a support role like sys admin / in touch with server, will get by luck 1 day involved with security work and from there develop further.. is this road / path possible in singapore?

its either a SAP do and continue or venture into security as passion but start from ground level even with degree in hand.
__________________
ScoRpI0
shingo1 is offline   Reply With Quote
Old 16-02-2010, 11:52 PM   #18
Senior Member
 
Join Date: Mar 2001
Posts: 718
I agree with you that maybe my fundamentals are nt good. but i think i got the book for not beginneers.. and that is why i am asking for recommendation of books for beginneers.
There are several books which i would highly recommend but doubt some are available here:
Code: The Hidden Language of Computer Hardware and Software by Charles Petzold
This really teaches you the fundamentals, even if you go to any University...the same content here will be taught in school.

There are more books to recommend but choosing either of those will give you a different path.
The books by Bruce Schneier are excellent but i would suggest you wait for a while as he will be releasing a new copy soon.

I've recommended to our NLB on numerous books to buy with regards to IT Security, you could find some of the titles there as well.

Software Security: Building Security In
Exploiting Software: How to Break Code

These 2 will be crucial in understanding the basic terms for IT Security. If you got difficulties understanding it, then you will really need more reading. Other books to boost your fundamentals will be books on networks, it's very important for you to understand that and network programming. Only through networking books, you will know the flaws in several RFC(s).

Besides books, i would highly recommend you to download Wireshark and NMap and fiddle with it first. With wireshark, what can you see with it? Obviously a lot of stuff, but try running with no services enabled in your system....then try http and https connection with hotmail. Do you see your password in the clear?

These are all the first baby steps...if you dun take the initiative for these baby steps...you will never venture into IT Security.
e_har is offline   Reply With Quote
Old 16-02-2010, 11:57 PM   #19
Senior Member
 
Join Date: Mar 2001
Posts: 718
its really hard to get a IT security role even for a junior role given no relevant experience..
even if I manage to get a cert on security, also do not guarantee a position.

i check online.. people from other countries mentioned doing a support role like sys admin / in touch with server, will get by luck 1 day involved with security work and from there develop further.. is this road / path possible in singapore?

its either a SAP do and continue or venture into security as passion but start from ground level even with degree in hand.
I would not say that it's really hard at all, you either need luck or skills.
But if one does not have luck, try skills. Usually luck is through referrals or sudden opening when an employee left.

But skills wise, try for Syscan or HiTB CTF. If you managed to perform well, i am sure the local authorities, Banks and IT Security related companies will take note of your performance and hire you. These are opportunities presented to you, if you miss the boat, you will have to wait another year.
e_har is offline   Reply With Quote
Old 17-02-2010, 07:58 PM   #20
Member
 
gforcexp's Avatar
 
Join Date: Jan 2007
Posts: 138
Thanks! will try to go along that direction.. i think i need to start reading more.! =)



There are several books which i would highly recommend but doubt some are available here:
Code: The Hidden Language of Computer Hardware and Software by Charles Petzold
This really teaches you the fundamentals, even if you go to any University...the same content here will be taught in school.

There are more books to recommend but choosing either of those will give you a different path.
The books by Bruce Schneier are excellent but i would suggest you wait for a while as he will be releasing a new copy soon.

I've recommended to our NLB on numerous books to buy with regards to IT Security, you could find some of the titles there as well.

Software Security: Building Security In
Exploiting Software: How to Break Code

These 2 will be crucial in understanding the basic terms for IT Security. If you got difficulties understanding it, then you will really need more reading. Other books to boost your fundamentals will be books on networks, it's very important for you to understand that and network programming. Only through networking books, you will know the flaws in several RFC(s).

Besides books, i would highly recommend you to download Wireshark and NMap and fiddle with it first. With wireshark, what can you see with it? Obviously a lot of stuff, but try running with no services enabled in your system....then try http and https connection with hotmail. Do you see your password in the clear?

These are all the first baby steps...if you dun take the initiative for these baby steps...you will never venture into IT Security.
gforcexp is offline   Reply With Quote
Old 18-02-2010, 07:56 PM   #21
Senior Member
 
Join Date: Jan 2000
Posts: 1,377
I would not say that it's really hard at all, you either need luck or skills.
But if one does not have luck, try skills. Usually luck is through referrals or sudden opening when an employee left.

But skills wise, try for Syscan or HiTB CTF. If you managed to perform well, i am sure the local authorities, Banks and IT Security related companies will take note of your performance and hire you. These are opportunities presented to you, if you miss the boat, you will have to wait another year.
No skill yet. knowledge also fundamental it security. chance.. saw plenty of posting on security post but no news at all. read up also not much use when there is no relevant experience to fill into cv.
__________________
ScoRpI0
shingo1 is offline   Reply With Quote
Old 28-04-2010, 08:59 PM   #22
Master Member
 
hitmen's Avatar
 
Join Date: May 2008
Posts: 3,562
Where can people go to gain real life experience of breaking into servers?
Like you test their network then they credit money into your account
Like that is better than 9 to 5 job.
__________________
Grace is my supermodel 连老公都打!Eat like horse;Train like 魔鬼;Sleep like corpse!The only easy day was
hitmen is offline   Reply With Quote
Old 06-05-2010, 03:51 PM   #23
Supremacy Member
 
bakasa2002's Avatar
 
Join Date: Jul 2006
Posts: 6,244
Consider doing a broad-based specialist dip in IT sec with NYP, TP or one of the poly that has this offering. This might give you a better idea of which area you want to branch into for IT Sec.

CEH is basically a touch and go course, where they actually kind of rush thru the tools and methodolgy, or right approach to do ethical hacking. It's basically just an aspect of how to gain access, privilege escalation, so I wld agree it's only a part of IT sec.

To be frank, the exam is not easy, but the certification is as bros say, only helpful if you intend to start out as a hired pen test analyst etc. Hope this helps.
bakasa2002 is offline   Reply With Quote
Old 16-08-2017, 10:58 PM   #24
Master Member
 
ExtremeWays's Avatar
 
Join Date: Mar 2017
Posts: 3,011
I can't tell you which path to take but i can tell you what are the jobs available locally.
The IT security market in overseas is different.

I'm not even sure what they teach you in Poly or Uni nowadays but my stand is still the same for anyone that i teach.
"Get Your Fundamentals Right"

Learn Safe Coding if you are into development or source code auditing like i do.
These are specialised jobs but you won't regret it cos these jobs pays higher but if something cocks up...you're the first person the fingers will point to.

Penetration Testing, as more and more companies put the information up in the internet and intranet...etc... there is a need to hire pentesters to do all the dirty work in case the system administrators missed out something that could lead to loopholes in the entire systems. It's not an easy job, you could make a lot of enemies if you are not friendly or tactful. Banks hire these people too and Banks pay quite well.

The rest are classified as niche market imho, jobs which require you to be either lucky and chance upon it or referred by friends. As these positions are very few.

Last advice, look through your past notes and ask yourself these questions:
"Do i really understand them thoroughly enough?"
"Are my self developed applications so good that they are free from bugs?"
if you answered "NO" to any of these 2, Post your questions here again if i'm available.

What they teach in schools are just touching the surface of everything.
If you ever got ideas for anything, write it down.
Remember this, "Ideas Are Premium"
Any more to add??????
__________________
"Programming is not a 0-sum game. Teach something to another fellow doesn’t take it away from u."
ExtremeWays is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On