Hacker Boot Camp 161
abb_road writes "Business Week sent a reporter to TechTrain's ethical hacker training camp, where, for $4,300, participants spend five days working towards ICECC's 'Ethical Hacker Certification.' The camp serves companies' increasing needs for home-grown white hats, and covers topics ranging from the non-technical (social engineering and policy creation) to code-level attacks (buffer overflows and sql injections). The tuition seems a bit steep for materials that, as the article notes, are 'freely available over the web'--but where else can you play hacking capture the flag?"
::groan:: Please make this go away. (Score:5, Interesting)
It sounds like this bootcamp just teaches people a handful of tricks that can be used to impress hiring managers. (Mentioned in the article: The default MS SQL login is "sa" with no password. Well, that's tidbit is not going to do you much good if you're assesing any version of SQL Server released within the past six years.) Do they explain the difference between a frame, packet, and datagram? All specifics and no theory.
Certified Ethical Hacker? (Score:5, Interesting)
Re:::groan:: Please make this go away. (Score:4, Interesting)
It may be useful to scare management into securing their networks though.
For better training, check out http://pulltheplug.org/ [pulltheplug.org] and the dozens of other "war games" out there.
NT350 at Herzing (Score:4, Interesting)
In the end we didn't have quite as much attack time as we had hoped, and a lot of vectors were blocked off because we all knew we were going to be attacked and there was no real life activity on the networks. So everyone was was scrounging each others networks for any mistakes or missed patches. Some people had honey pots, some people hosted exploiting web pages, but for the most part, there was little damage. But we all learned a lot about securing networks and servers, and different ways to minimize risks.
All in all, definitely a class that was worth taking. I would recommend it to anyone in range of a Herzing campus, but the Teacher I had is no longer teaching (he's a full time network admin for the school now) and I have no idea how the class is arranged any more.
-Rick
Why does this money making scam get airplay on /.? (Score:1, Interesting)
Re:My College Offered a Class Like This... (Score:3, Interesting)
For anyone interested in the class (CEG 429), Dr. Mateti licenses all his lecture notes [wright.edu] under the Open Publication License [opencontent.org].
Re:::groan:: Please make this go away. (Score:3, Interesting)
http://vortex.labs.pulltheplug.org/ [pulltheplug.org] vortex deals with basic exploitation... buffer overflows/fmt strings etc..
:))
http://semtex.labs.pulltheplug.org/ [pulltheplug.org] Semtex is for people who want network challenges (not neccessarily exploitation)
http://www.pulltheplug.org/wargames/catalyst/ [pulltheplug.org] Reverse Engineering and Binary Analysis - the server is down but you can get the levels via the page.
http://www.pulltheplug.org/wargames/blackhole/ [pulltheplug.org] Remote Exploitation - the server is down but you can get the levels via the page
http://blacksun.labs.pulltheplug.org/ [pulltheplug.org] our newest wargame - deals with defeating hardened hosts... (PaX etc...)
our IRC network has quite a few people who play the wargames (irc.pulltheplug.org #social)
(ok i'm done with this shameless plug
Poseurs, mostly (Score:2, Interesting)
Sooner or later you are going to work with some dumb ass and it will be your responsibility to (tactfully) demonstrate all the security holes they have introduced in their code.
Standlaone so-called "security experts" are all useless poseurs. Twice now I have encountered "ethical hackers" in the job, hired by high-up muckety mucks, who told me "we like totally 0wned you systems d00d" and then refused to disclose to me what they had done. My logs said nothing, nobody took any action, and as far as I could tell it was all bullshit.(I owned all the servers, routers, and firewalls, so I should have known.)
I've only encountered one "security expert" who could ever actually demonstrate a non-obvious exploit to me, and that was in the Solaris 2.5 days.
"Ethical hacking" is core competency of any experienced system administrator. I'm amazed that there are so many senior sysadmins out there who don't or can't lock down their systems, or think that security is some kind of separate thing from system administration. I'd never hire any of them.
Re:Defcon (Score:3, Interesting)
Most people attending the course would not know that you have to prepare for DEFCON by imaging your hard drive, then reimage the machine and flash the BIOS when you return. When I go to BlackHat I draw an old machine that has been decomissioned.
$4,300 is the going rate for training, if anything slightly low. You can find all the information on the Web but only if you know what to look for.
I hate these classes (Score:3, Interesting)
From the article -- in the first half day ($500 of his tuition), the reporter learned how to "hack" into a database that was completely unsecure. If the admin had even bothered to apply SQL Server service pack 3 (release two years ago), it would have warned him of the problem and forced him to fix it. The admin would also have to make a second horrible mistake of opening port 1433 to the Internet.
How would this lesson help the student secure his own network? If his SQL admin are leaving sa's password blank, they should be fired, not trained. As for the SQL injection stuff -- I teach every one of by web development students about it when we learn about connecting to databases. Teaching the security guy about it is STUPID. Do you teach your kids to lock the house, or do you hire a home security service to come and lock it every time you leave? SQL injection needs to be dealt with at the point of the problem -- so does database management and every other problem addressed in these courses.
Network security professionals should be learning about reducing attack surfaces and implementing security policies. They should learn how to defend against the problems of 2007, not 2005. All these "ethical hacker" classes do is scare the uninformed and provide a week long vacation for hard-core techies.
Another interesting side-effect of these classes is that students generally learn about technologies that have common problems. It's highly unlikely that a "certified ethical hacker" has experience with two-factor authentication, L2TP vpns, or Kerberos. But hey, they know how to crack an FTP server!!!! I'm going to hire one of these guys right now to fix my network.