From: Don Parker (
Date: 02/06/04

  • Next message: Pete Herzog: "RE: OPST vs. CEH"
    Date: Fri, 6 Feb 2004 16:52:29 -0500 (EST)
    To: "Bartholomew,  Brian J" <>, "''" <>

    Hello Brian, did you actually bother to certify after taking whatever SANS training it
    was that you took? The SANS training is among the best out there, however the challenge
    starts when you do the certification process. This has not only a difficult "practical"
    portion, but also two demanding exams. From what I have seen of the OSTMM and the CEH
    neither one of them measure up. The OSTMM does seem to offer business training as well
    though in addition to the other obvious training. Though I would say that is best left
    to a place which actually specializes in business training such as a college.


    Don Parker, GCIA
    Intrusion Detection Specialist
    Rigel Kent Security & Advisory Services Inc
    ph :613.249.8340

    On Feb 6 , "Bartholomew, Brian J" <> wrote:

    I have taken the CEH but not the OPST. The CEH is kinda simplistic, and
    pretty easy to pass. I have not taken the OPST, however, I have heard that
    it is much more in depth and more difficult to pass.

    I do think the course designed with the CEH exam (I took one through Intense
    school) is one of the better courses I have taken (in comparison with
    Foundstone, SANS, etc.). Those "other" courses are too mainstream and none
    of them speak of the OSTMM except for the CEH oriented classes.

    To sum it up...If you are looking for letters after your name and a good
    base to start with, go for the CEH (it can't hurt). If you want to take a
    more detailed, OSTMM sponsored test, take the OPST. What the hell, take
    both if you really like a challenge :)

    Brian J. Bartholomew
    Bureau of Diplomatic Security
    DS/SI/ACD SA-20 Special Programs
    Ph: 571-345-2598
    Cell: 202-369-6349
    1801 North Lynn St.
    Arlington, VA 22201

    -----Original Message-----
    From: []
    Sent: Friday, February 06, 2004 11:01 AM
    To: kenzo
    Subject: Re: OPST vs CEH

    I've taken the CEH class. It's pretty good, but it focuses more on hacking
    windows then it does linux or unix. The instructor and environment was
    good though. They don't really talk too much in depth about buffer
    overflows or privledge escalation on linux. But I think the class was
    worth it. NEver taken any of those other tests.


    On Wed, 4 Feb 2004, kenzo wrote:

    > I'm thinking about taking one of these certs. OPST (OSSTMM PROFESSIONAL
    > or CEH (certified ethical hacker)
    > I've read about the two, and they seem to be kind of the same thing.
    > I know that some people in here were talking about the opst, but what
    > the ceh?
    > Has anyone taking the CEH or both?
    > Please let me know.
    > thanks.




  • Next message: Pete Herzog: "RE: OPST vs. CEH"

    Relevant Pages

    • Re: OPST vs CEH
      ... I would second Don's recommendation for the SANS training classes (and ... but I'm convinced that the SANS training and certification process is ... From what I have seen of the OSTMM and the CEH ... > Rigel Kent Security & Advisory Services Inc ...
    • RE: OPST vs. CEH
      ... I'm glad to hear you are interested in taking the OPST. ... > take both exams. ... CEH 3.0 just recently got announced (for example at January ... To be OPST or OPSA certified applies mainly to OSSTMM ...
    • OPST and CEH
      ... actually stated which was more technical in nature, OPST or CEH. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
    • RE: OPST vs CEH
      ... The answer I gave described the courses I ... Bureau of Diplomatic Security ... Subject: OPST vs CEH ... I have taken the CEH but not the OPST. ...
    • Re: OPST vs. CEH
      ... I guess it covers OPST cert. ... Subject: OPST vs. CEH ... It dos not cover the business side of pen testing and the OSSTMM dos ...