Re: PWB - OSCP certification for newbies



"Try harder?"

What are you paying them for?

I agree with what one of the people here said though, "the one thing
it teaches you is that if you can't do it by yourself then you can't
do it." I think that's a lesson that most people never learn - self
reliance. The lesson is that if you can't research and solve problems
independently then maybe you're in the wrong business.

I imagine most people would just fail, say the course sucks, and fall
back on their CISSP and 6 figure salary to salve their wounded ego
though.

C'est la vie,

Steve Mullins

On Wed, Sep 2, 2009 at 6:36 PM, Eric Milam<emilam@xxxxxxxxxxxxxx> wrote:
I passed my cert OSCP in July.  I would have to agree with what is said
below with one small caveat.  There *are* people willing to help you,
but it won't be the instructors.  Best thing to do is to try to make a
few *friends* in the IRC room and they can help you.

I personally have helped many people, b/c I know how it felt to be told
"Try Harder" or "We don't give answers" when all you want to do is get a
nudge.  There are people willing to help, but there is a lot of "Try
Harder"

I am taking the CTP course now and I find it the same, I don't even go
to the chat room much anymore.

I must note that is you go through the course and you do the challenge
and pass, you will feel like king/queen of the world.  I've got a lot of
certs and I have to say this one went straight to the top of my resume.

Hope that helps a little more....

Eric


On Tue, 2009-09-01 at 09:56 +0100, Hari Sekhon wrote:
Myne Computer wrote:
Ok, with that said, I have another question to add. I am in about same
place as Mauricio and would like to get further into training. Say
someone is ok with linux, ok with networking, ok with multiple
operating systems and on a decent start, where would be a good place
for training in your openion to get a bit more into security,
pen-testing, router configurations, firewall configurations, and
anything like that.
Just so you are clear on what you would be getting, there is nothing on
router configurations, firewall configurations etc etc, you are expected
to know all that already (which is why I mentioned they just assume you
are experienced and know it all already). There is absolutely no
instruction or information on such things in the course. You'd have to
do all the other vendor specific courses for those things (hope you have
a huge training budget!).

I have been using a lot of tools like Nmap, wireshark, metasploit, and
cain&able but would really like to understand this better. I have a
server setup at home with multiple operating systems on many
partitions I do a lot of my testing on but most of my learning comes
from just google, man pages on Backtrack and reading books. I feel a
good bootcamp would be nice to go through not just for the experience
but the chance to talk to other people about this. Any suggestions on
training or directions to take.
As part of the course, answers are not given intentionally, which leads
to a lot of frustration and the usual response of "try harder" and
images blocking people from moaning all the time which can bring even
good people to tears when they hit something tough. The one thing it
teaches you is that if you can't do it by yourself then you can't do it.
I personally would have liked to have been able to ask people a few
things in discussions, we all would, but that's strictly not allowed
especially in public, it's  just not the way it operates, there is an
element of hacker l33tness culture and especially the part about not
giving answers, so can expect to lose a lot of sleep trying to figure
stuff out by yourself, which I think is the culture they are trying to
instill in you as the real one, and the whole atmosphere is against
"spoon feeding".

-h



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: PWB - OSCP certification for newbies
    ... Just so you are clear on what you would be getting, there is nothing on router configurations, firewall configurations etc etc, you are expected to know all that already. ... I have a server setup at home with multiple operating systems on many partitions I do a lot of my testing on but most of my learning comes from just google, man pages on Backtrack and reading books. ... I personally would have liked to have been able to ask people a few things in discussions, we all would, but that's strictly not allowed especially in public, it's just not the way it operates, there is an element of hacker l33tness culture and especially the part about not giving answers, so can expect to lose a lot of sleep trying to figure stuff out by yourself, which I think is the culture they are trying to instill in you as the real one, and the whole atmosphere is against "spoon feeding". ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: PWB - OSCP certification for newbies
    ... router configurations, firewall configurations etc etc, you are expected ... element of hacker l33tness culture and especially the part about not ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Pentest exams
    ... My GPEN cost me 700.00 since I volunteered as a facilitator at a SANS ... IACRB CPT and CEPT certs require a full ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: OSCP ?
    ... I like to say that the OSCP training is like a set of carpenter tools. ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: OSCP ?
    ... Also IMHO if they exam was like the material then where is the challenge? ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)