Results 1 to 3 of 3

Thread: Certification and General noob Questions

  1. #1
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    1

    Default Certification and General noob Questions

    Hi all,

    I am looking to start up a Pentesting section for an existing IT business and am trying to get as much info as I can.

    I have some experience with basic principles, programs, procedures, laws etc, and have been testing myself on my own network and friends (with their permission, and agreement to help secure it for a beer or two).

    I having been looking around at making more of this and would like to aim for a certification to move myself on. This is where I have been getting confused. The cert that seemed to me to be the one best suited to me was the GIAC GPEN cert. Whats the general opinion (if there is any) on this cert as a whole?

    Also any other Certs that are considered industry standard?

    Finally one more noob query that I realise might go unanswered but Even an new idea would be nice. Another group I am part of have been helping me with learning as much as I can and are now starting to challenge me. One of the members has set up what he considers a pretty secure network, and while I know that I could get in if I was within wireless range of him I have seriously lost the plot trying to do it from 1000 miles away. He has given me some clues, what security he is using etc. But i can't even get a port scan out of it.

    To be honest the thing i am most interested in is the cert. The other bit is more of a i-cant-think-of-anything-and-this-brick-wall-is-starting-to-hurt-my-head question.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by bambam_tf View Post
    Hi all,

    I am looking to start up a Pentesting section for an existing IT business and am trying to get as much info as I can.

    I have some experience with basic principles, programs, procedures, laws etc, and have been testing myself on my own network and friends (with their permission, and agreement to help secure it for a beer or two).

    I having been looking around at making more of this and would like to aim for a certification to move myself on. This is where I have been getting confused. The cert that seemed to me to be the one best suited to me was the GIAC GPEN cert. Whats the general opinion (if there is any) on this cert as a whole?

    Also any other Certs that are considered industry standard?

    Finally one more noob query that I realise might go unanswered but Even an new idea would be nice. Another group I am part of have been helping me with learning as much as I can and are now starting to challenge me. One of the members has set up what he considers a pretty secure network, and while I know that I could get in if I was within wireless range of him I have seriously lost the plot trying to do it from 1000 miles away. He has given me some clues, what security he is using etc. But i can't even get a port scan out of it.

    To be honest the thing i am most interested in is the cert. The other bit is more of a i-cant-think-of-anything-and-this-brick-wall-is-starting-to-hurt-my-head question.
    First off welcome to the forums, second there are tons' of threads here which contain info you seek, the only real requirement on your part is to search for them.
    BTW have a re-read of the rules (to be informed and safe) also check the General IT section.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by bambam_tf View Post
    ... The cert that seemed to me to be the one best suited to me was the GIAC GPEN cert. Whats the general opinion (if there is any) on this cert as a whole?

    Also any other Certs that are considered industry standard?
    I have the GPEN certification. In Australia it seems to be quite well regarded even though its very new. As well as technical stuff it covers the other aspects of a pen test quite well. As far as certifications go I think its probably one of the best ones to get relating to Pen Testing. Id personally also be impressed with people who have the OSCP certification (Pentesting With Backtrack - Ive done the course and will be attempting the cert soon), but I don't think its that well known here yet. The testing process for the OSCP certification is pretty impressive in my opinion.

    The EC Councils CEH certification is also quite well known, but I have my doubts about the quality of the cert. From how it sounds, the CEH is just a test that covers your ability to remember lots and lots of hacking tools. There is also another couple of certs available from the EC Council I think, which cover some other aspects of the process. Those other certs are not that well known.

    There is also a company in Australia called Pure Hacking who offer another cert which is based on the OSSTM (link below). I dont think its that well known either. EDIT - This is actually an ISECOM certification, Pure Hacking is just the training and certification provider in Australia. There are others in Europe and the US.

    Training- Pure Hacking
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •