Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: EC-Council

EC-Council Courses certified by the NSA !!!

eccYes, this isn’t a mistake, and I’ve not been drinking. I received a nice email from the people at EC-Council letting me know that the “EC-Council Courseware certified to have met the CNSS Standards by the United States National Security Agency (NSA) and the Committee on National Security Systems (CNSS)”. The press release goes on to detail the EC-Council courses (including CEH, ECSA and LPT) that have been been certified to meet the training requirements for information security professionals in federal government.

My first reaction was that this must be come kind of scam. I was waiting for the part where they ask me for my credit-card number so I can receive a new certificate and security level. Alas, this was not to be. Those who’ve read my blog or my articles know that my view on EC-Council and in particular their CEH, ECSA/LPT track isn’t a good one. I’ve been through the training and to this date (maybe for not much longer) I’m still certified as a CEH and ECSA. I’ve refused to pay the $500 a year required to be an LPT however, as, well, it’s a farce. Still, back to the point. I’m not sure what changes EC-Council have made since my experiences with version 5 of the CEH course, but from what I’ve heard and read, they’ve only increased the size of the course and done nothing to improve the low quality of the training and material.

I’m not sure what the thinking behind this certification was, however I’d love to hear your opinions. Does this change your view on the quality of CEH candidates ? or has it just lowered your opinion of the technical competence of the NSA. I know where my feelings on the matter lie.

EC-Council Press Release –> HERE

Hakin9 01/2009

hakin9_logoWell, sometime while I was in London it seems the new Hakin9 magazine hit the shelves. Somewhere in there is an article I wrote a few months back on security training. I hope it helps people that are looking at the options. Maybe I’ll revisit the topic in another 12 months to look at the OSCP and a few of the more specific SANS courses.

Overall I’m happy with the article, although somewhere between proof reading and print “C|EH” turned into “CIEH” it seems. Still, I hope that everything else is ok. Let me know your thoughts…. constructive criticism is always welcomed.

EC-Council points

Over the last 6 months EC-Council have been implementing their new ECE points system for retaining your qualifications (ISC² style). Now I’ve blogged before a few times on the C|EH, ECSA and L|PT qualifications, so I don’t want to re-hash those view. However, the whole ECE points rollout has been one disaster after another. Although the system was meant to be released at New Year, nothing appeared. When the members on the forums asked questions, nobody answered. Emails where pretty much the same, with an occasional mindless response that made no attempt to even answer the question at all. However, we (the forum members) persevered, and were rewarded a few months late with the brand new ECE portal in all it’s glory. It was buggy, badly designed and the points were wildly disproportionate. If you did a course with EC-Council, or talked at an EC-Council event, you’d get 4 times the points than if you talked at something like DefCon. A truly WTF moment if I’ve ever had one. Anyway, things got better. To EC-Council’s credit, they took some of the comments from the forum users and actually made some changes to the points system. They added Security related Podcasts to the list, and changed the points allocations. Things were on the upturn.



Fast forward a few months and I’ve added a few things to the points list. After all, no matter what I think of the quality of the qualification it seems a waste to just not spend 5 minutes filling out the form to retain it. Well, maybe it is a waste, but that’s something I’ll consider in the future. Added to the points list are a number of security related books I’ve read, as well as the SANS GPEN course/exam and an article I’ve written for Linux Magazine about Snort IDS. No problems so far, everything is fine and dandy. That is until I write an article for Hakin9 magazine about security training. I added it to the ECE system yesterday while I was taking a 5 minute break from breaking a web-app.

I thought nothing of it… that is, until I get an email asking for a copy of the article. Suddenly EC-Council wants to see proof that I’ve written an article. They don’t want proof of the Linux Magazine article, the SANS course, or anything else I’ve done. However, an article on security training is something different it appears. I’m not so worried about loosing my C|EH/ECSA status (never bothered paying for the L|PT) if EC-Council dislike my article, but seems like they’re not a big fan of criticism when it comes to their courses.

I’ve replied asking them for clafficiation why they need proof for only this item and not the others. We’ll see what they give as a reason. Maybe they’re just getting their act together on checking these things, but I doubt it. If the article was about something else, I doubt they’d care to check. Things smell a little fishy to me.

Certified Ethical What ???

Well yesterday I took (and passed) my EC-Council Certified Ethical Hacker exam. What can I say about this exam that’s not already be said. Well lets start at the beginning shall we.

Learning Material

On day 1 of the course you get 4 books (yes that’s not a typo) totalling about 2400 pages. The book is badly written (considering it’s version 5 of the course). For each section of the book they list in rough detail (sometimes wrong) about a large range of tools. This is just too much information, especially considering most of the tools they cover are either useless, or just not good enough to compete with the likes of NMAP or Nessus. They could condense these books down to 1 or maybe 2 by dropping the extensive tools descriptions and concentrating on whats important and then just giving a list of others. Also the books and CD’s are quite obviously produced and packed in a terrible environment (they have an office here in India so I expect that’s where) of the 8 CD’s given with the book 1 worked, as the others were scratched out of the case… same with the books for the other 2 students as well.

Course Presentation

Poor…. that’s about the only thing I can say. There are hundreds of slides for each module, which forces the tutor to skip, or just roughly comment on each at such a pace that nothing is learnt. The detail is poor, and again they need to concentrate on reducing the content to what is required and not listing everything. Too much information means you will get nothing from the course unless you say “hold on, lets read this and go through it” meaning you’ll run out of time before the end of the books. From module 22 onwards the course is Self-Study (this is shown in the slides) leaving you 4 chapters to learn yourself with no assistance from the instructor, or the book in some cases (chapters 23-26 are only slides with no text to explain) It would be ok if these were just chapters not required, but these for me were the more interesting topics.

Trainer (Koenig-solutions, India)

Well, he was pretty useless to be honest. Students had to correct him constantly, and when we came across the sections on SQL injection and Linux he wanted to skip them as he didn’t know either topic at all. This may just be a Koenig-solutions problem, but then again it may not. How can he qualify as an instructor when he doesn’t know the subject. Poor authorised tutor management.


I had a few questions for EC-Council regarding their new ECE (EC-Council Education Points) system. So I emailed them. A nice man named Haja emailed me back and told me nothing. So I emailed again, and got the same exact reply. I also emailed another email address to try and get the books in PDF format. Haja replied and told me that I can buy them online at there store. Seems like Haja (the technical director) is the only person working there. Also seems that EC-Council just like money no matter what.


Take from this what you will, but I’m betting that another 5 years people will be saying EC Who ? 

Additional: ECSA

Today I started my ECSA (I already had this booked so had no chance to cancel) so far… my views are the same as the CEH. Poorly designed course, and courseware. The book even says to do the practise in the lab book (which doesn’t exist) The EC-Council really need a proof reader and somebody to redo all this courseware into something useable.