lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Dec 6 17:54:39 2005 From: wilder_jeff at msn.com (wilder_jeff Wilder) Subject: IT security professionals in demand in 2006 I'll second that -Jeff Wilder CISSP,CCE,C/EH -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M-- V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++ G e* h--- r- y+++* ------END GEEK CODE BLOCK------ >From: InfoSecBOFH <infosecbofh@...il.com> >To: sk <sk@...undzero-security.com> >CC: full-disclosure@...ts.grok.org.uk >Subject: Re: [Full-disclosure] IT security professionals in demand in 2006 >Date: Tue, 6 Dec 2005 09:23:24 -0800 >MIME-Version: 1.0 >Received: from lists.grok.org.uk ([195.184.125.51]) by mc9-f12.hotmail.com >with Microsoft SMTPSVC(6.0.3790.211); Tue, 6 Dec 2005 09:24:06 -0800 >Received: from lists.grok.org.uk (localhost [127.0.0.1])by >lists.grok.org.uk (Postfix) with ESMTP id 02441407;Tue, 6 Dec 2005 >17:23:38 +0000 (GMT) >Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.204])by >lists.grok.org.uk (Postfix) with ESMTP id 83B87266for ><full-disclosure@...ts.grok.org.uk>;Tue, 6 Dec 2005 17:23:27 +0000 (GMT) >Received: by xproxy.gmail.com with SMTP id s9so67779wxcfor ><full-disclosure@...ts.grok.org.uk>;Tue, 06 Dec 2005 09:23:24 -0800 (PST) >Received: by 10.70.65.17 with SMTP id n17mr926990wxa;Tue, 06 Dec 2005 >09:23:24 -0800 (PST) >Received: by 10.70.60.14 with HTTP; Tue, 6 Dec 2005 09:23:24 -0800 (PST) >X-Message-Info: JGTYoYF78jE2PiQ7BFXEAtaW1Env+daBcE9TFCc5BhI= >X-Original-To: full-disclosure@...ts.grok.org.uk >Delivered-To: full-disclosure@...ts.grok.org.uk >DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; >d=gmail.com;h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;b=Ff3SbACkUKYxR6NBrF3JkVCmfhcP46CeHTYG3k5JzfxGGB4Y1z5mPYNyMKY02BDnrK2pQHsURU7tHv+jVNuuc9dFfD1GaMWRu9q1lc6NbuVrZLvbwf3FNX+s2tFkHTXZeooy/BF4EKg9v7Jgd3V1JUaEHvmP5YxCEdfFxHzO4Mk= >References: ><6450e99d0512041801p4adf24bclb8deaeefd203fa9a@...l.gmail.com><00bc01c5f945$fc232af0$0100a8c0@...learwinter> >X-BeenThere: full-disclosure@...ts.grok.org.uk >X-Mailman-Version: 2.1.5 >Precedence: list >List-Id: An unmoderated mailing list for the discussion of security >issues<full-disclosure.lists.grok.org.uk> >List-Unsubscribe: ><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, ><mailto:full-disclosure-request@...ts.grok.org.uk?subject=unsubscribe> >List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure> >List-Post: <mailto:full-disclosure@...ts.grok.org.uk> >List-Help: <mailto:full-disclosure-request@...ts.grok.org.uk?subject=help> >List-Subscribe: ><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, ><mailto:full-disclosure-request@...ts.grok.org.uk?subject=subscribe> >Errors-To: full-disclosure-bounces@...ts.grok.org.uk >Return-Path: full-disclosure-bounces@...ts.grok.org.uk >X-OriginalArrivalTime: 06 Dec 2005 17:24:08.0317 (UTC) >FILETIME=[DD7A4AD0:01C5FA89] > >You are confusing terms here I think. VUlnerability Assessment = scanner >tools > >Pen-Test = actual skill. At least thats how those consultants with a >clue should be selling it. A Vuln Assessment has value, but can be >done by anyone. A Pen-Test, takes a lot more time, the value is >aguable, and only the skilled can actually do them. > >On 12/4/05, sk <sk@...undzero-security.com> wrote: > > CISSP is bullshit. as eeye said 99% of the security consultants do their > > pen-tests with automated tools which is pathetic in my opinion. > > if you cant write exploits, you are no professional, more like a steam > > blower. how can someone be professional when he doesnt > > even understand how an exploit works in deep? what if there are custom > > scripts or exotic daemons installed? without beeing able to audit > > code and understand how certain bugs are beeing exploited, how can >someone > > think he got enough clue to do a professional security audit? > > its just a rip off of the customers as simple as that. or would you pay > > someone to run an automated tool against your host, sit back and wait > > till a nice pdf statistic is generated so he got something to present to > > you? of course you wouldnt. in the 90s the people still had to learn on > > their own and all the mainstream hackers who speak at your conventions >didnt > > learn their knowledge from stupid class rooms. > > everyone who thinks hes a security professional or even a hacker after >he > > made some certs, is just living in a dream world. > > then again the media plays well with the steam blowers so they can make >a > > nice living.. > > sorry i just had to say that since its going on my nerves how all these > > people suddenly think their stupid certs make em special, but then if > > it comes to knowledge everyone is cluless... > > > > -sk > > ----- Original Message ----- > > From: "Ivan ." <ivanhec@...il.com> > > To: <full-disclosure@...ts.grok.org.uk> > > Sent: Monday, December 05, 2005 3:01 AM > > Subject: [Full-disclosure] IT security professionals in demand in 2006 > > > > > > > http://www.computerworld.com.au/index.php/id;923889191;fp;16;fpid;0 > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists