| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: robert at dyadsecurity.com (robert@...dsecurity.com) Subject: CISSP Test Vladamir(wireless.insecurity@...il.com)@Tue, Mar 22, 2005 at 11:34:35PM -0500: > In my opinion, they should do away with "boot camps", they churn out > paper CCNAs, paper CISSPs, and they're doing nobody any real good. > > Why did SANS do away with the practical portion of their (I forgot the > name) exam? I read briefly about it, and it looks (well, looked) like a > lot of fun, how hard would it be? > > Set up honey pot w/ snort, ethereal, secured logging server > Advertise "insecure machine" > Sit back, collect packets, write report. > > Doesn't sound too hard to me! Doesn't sound too useful either! But seriously, most of the "security" industry is sadly broken. It's filled with good intentioned people who grossly misunderstand the problem and people just looking to make a buck where ever they can. SANS programs have little to do with security. I'm glad they changed their policy. They seem more honest now. If you want to learn about security, start here: http://www.acm.org/classics/sep95/ http://www.nsa.gov/selinux/papers/inevitability/ http://www.radium.ncsc.mil/tpep/library/rainbow/ Robert -- Robert E. Lee CEO, Dyad Security, Inc. W - http://www.dyadsecurity.com E - robert@...dsecurity.com M - (949) 394-2033
Powered by blists - more mailing lists