Re: Pen test courses

From: JC (-none-_at_resnulius.net)
Date: 05/26/03

  • Next message: Sandy Turner: "Secure Home Networking?" 
    To: "Petr Ruzicka" <pruzicka@openbsd.cz>, <pen-test@securityfocus.com>
Date: Mon, 26 May 2003 21:48:12 +0200

    Petr,

    There are 2 very interesting courses from Isecom.org
    (http://www.isecom.org):
    These classes focus on the right methodology, ethics, law, understanding of
    the tests, lifecycles of security tests, organisational aspects, etc... In
    other words, more than just using the tools, but understanding how to use
    them in the best way possible. These courses are based on the Open Source
    Security Testing Methodology Manual (OSSTMM) that is an open source
    methodology to perform professional and complete security tests.

    - OSSTMM Professional Security Analyst (OPSA):
    " The premise of the training course is to provide a variety of hard and
    soft skills to the security professional. The training course focuses on the
    analytical skills and security knowledge necessary for security and risk
    analysis and the business skills required for successful security team and
    project management. This course is not about just passing the exam. This
    course is about bringing the combined, international knowledge and
    experiences of security team leaders and security consultants to bring depth
    and insight to the training. "

    - OSSTMM Professional Security Tester (OPST):
    " The premise of the training course is to support the necessary knowledge
    transfer for a person to be considered a capable, resourceful, and
    self-sufficient security tester. The training course focuses on the
    technical skills necessary for security testing and the business skills
    necessary for providing justification, efficiency, and understanding
    contemporary business and security needs. "

    Cheers,
    Martin

    ----- Original Message -----
    From: "Petr Ruzicka" <pruzicka@openbsd.cz>
    To: <pen-test@securityfocus.com>
    Sent: Monday, May 26, 2003 11:37 AM
    Subject: Pen test courses

    > Hi,
    > could you recommend me some valuable PenTest training ?
    > I know already how to use nmap, ping/traceroute, nessus, hping, nemesis,
    tcpdump/ethereal, ettercap, I know how to do passive fingerprint of OS, use
    various honeypots etc. etc.
    > However, there is always something new to learn, I'm sure. I did some
    research of available training courses on the Internet and I'm not sure
    which could be valuable to me, as I do not need to spend time learning
    'nmap -vv -sS -P0 x.x.x.x'.
    > Besides programming skills and researching new vurneabilities (and keep
    running on learing track), is there any good training out there ?
    > Thanks a lot
    >
    > Petr Ruzicka
    >
    > --------------------------------------------------------------------------
    -
    > *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    > Just like wired networks, wireless LANs require network security policies
    > that are enforced to protect WLANs from known vulnerabilities and threats.
    > Learn to design, implement and enforce WLAN security policies to lockdown
    enterprise WLANs.
    >
    > To get your FREE white paper visit us at:
    > http://www.securityfocus.com/AirDefense-pen-test
    > -------------------------------------------------------------------------- 

    --
>
>
---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------
  • Next message: Sandy Turner: "Secure Home Networking?"

    Relevant Pages

    • Re: hacking / security training
      ... Black Hat is hardly a "training course." ... You're not going to find many folks at Black Hat who care to teach anyone ... If you're new to network security, I would highly recommend taking some ... If you've done all of this, securing IIS will become monkey work! ...
      (microsoft.public.inetserver.iis.security)
    • RE: [fw-wiz] Interlopers on the WLAN
      ... the weak default setus that might be infringing security of various gov ... > these WLANs are operated by non-technical consumers who, in my view, ... Spammers might well take this route, and might already have taken this ... shadowed by the free wireless routes available for access. ...
      (Firewall-Wizards)
    • [REVS] Hacking the Invisible Network (Insecurities in 802.11x)
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Wireless network technology is becoming increasingly popular but, ... but it does at least provide a deferent to attackers. ... WLANs introduce security risks that must be understood and mitigated. ...
      (Securiteam)
    • Re: Windows 2003 Server - MS Rulez?
      ... Windows 2003 Server - MS Rulez? ... *** Wireless LAN Policies for Security & Management - NEW White Paper ... lockdown enterprise WLANs. ... wireless LANs require network security policies ...
      (Focus-Microsoft)
    • RE: Windows 2003 Server - MS Rulez?
      ... There's a great new white paper on Windows XP/2003 services on TechNet: ... security issues to be well addressed. ... *** Wireless LAN Policies for Security & Management - NEW White Paper ... policies to lockdown enterprise WLANs. ...
      (Focus-Microsoft)