Notes from VeriSign Applied Hacking Class

From: mad hack (madhackat_private)
Date: Sun Jun 17 2001 - 11:09:45 PDT

  • Next message: paul miles: "IP forwarding"

    
     ('binary' encoding is not supported, stored as-is)
    Hi, all -
    
    Just finished a 5-day Applied Hakcing class with VeriSign. Here is my two cents.  I have to say that this is only my exprience and comments.
    
    The instructor: 
    My instructor is a very talenetd young man and was familiar with the hacking underground community. He is also a very good communicator, not the hacker/geek type you would think.
    
    The Lab:
    The lab is composed of laptops equipped with wireless LAN card. One wireless access point and one router are used to complete the user network.  Two target servers are available for hacking. Some other servers are used by the instructor. The challenge is to get ROOT and Admin on these two boxes before the end of the week. 
    
    The material:
    The course breaks down to different hacking domains and inlcudes illustration of exploits and tools used. Lab practice provides hands-on exercise to replicate the hacks. Well organized.
    
    Many people think VeriSign course is less technical or weaker compared to the others.  I only had the chance to browse through E&Y course hand-out. Seems E&Y material is more organized and formal.  E&Y hand-outs also provides a lot more technical details of how comamnds, tools are executed and what to expect for the output. The veriSign course is more higher level - the instrtuctor mentioned to me that he is more concerned for the students to have an idea of how hacks occur and how countermeasures are developped. 
    
    
    One more thing of my observation: 
    
    What you would get from the class depends on not only materials offerred but also you classmates. My classmates inlcudes two NT admin, One Unix admin, One Network admin, two managers, one IS auditor, and one security auditor. In this case, most people are new to security prospect of the networks and are more interested in high level knowledge - how hackers work, how networks are compromised, and how to prevent the hacks - educational approach. The instructor opted to satisfied this kind of need.  
    
    On the other hand, my discussion with instructor over the breaks are more into technical details and hacking approaches. I was impressed and learned a lot. Basically I was hacking away while others were listening to teh high-level stuff. Class breaks gave me chances to re-cap with the instructor and discuss the hacks I tried.
    
    I wish I had being in a more technical group for this class - The instructor mentioned some of his classes got into "hacking wars' among the students and the instructor - the high-level preaching was not necesary since most of them are security consultants. In that case, the instructor opted to dig deeper into technical details.
    
    Hope this helps for those seeking hacking class info.
    
    By the way - the instructor in my class will be in London later this month to teach Applied Hacking class.
    
     
    >From: "Talisker" <Taliskerat_private>
    >To: "stanley chen" <madhackat_private>
    >SUBJECTDate: Tue, 12 Jun 2001 18:36:28 +0100
    >
    >Stanley
    >
    >Thanks a lot for the reply, I eagerly await your verdict
    >
    >Take Care
    >Andy
    >http://www.networkintrusion.co.uk
    >Talisker's Network Security Tools List
    >
    >Security Tools Notification
    >http://groups.yahoo.com/group/security-tools/join
    >----- Original Message -----
    >From: "stanley chen" <madhackat_private>
    >To: <PEN-TESTat_private>
    >Cc: <Taliskerat_private>
    >Sent: Tuesday, June 12, 2001 3:46 AM
    >Subject: Ethical Hacking Class
    >
    >
    >> There are four vendors for this type of courses:
    >>
    >> Extreme Hacking from E&Y
    >> Ultimate Hacking from Found Stones
    >> Ethical Hacking from ISS
    >> Applied Hacking from VeriSign
    >>
    >> Our company brought the E&Y course in house this spring. Very good.
    >>
    >> Today actually is my first day at the VeriSign class - lab starts
    >tomorrow.  Will keep you posted.
    >>
    >>
    >>
    >>
    >> ------------------------------------------------------------
    >> Email account furnished courtesy of AntiOnline - http://www.AntiOnline.com
    >> AntiOnline - The Internet's Information Security Super Center!
    >>
    
    
    ------------------------------------------------------------
    Email account furnished courtesy of AntiOnline - http://www.AntiOnline.com
    AntiOnline - The Internet's Information Security Super Center!
    



    This archive was generated by hypermail 2b30 : Mon Jun 18 2001 - 13:03:03 PDT