lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY106-F34F188F6F4B497847FB8FA94410@phx.gbl>
Date: Mon Dec  5 16:55:11 2005
From: wilder_jeff at msn.com (wilder_jeff Wilder)
Subject: IT security professionals in demand in 2006

Not to validate the cissp... but try to get a good security job with out it. 
   I do not have to know how to forge the steel, machine the metal, build an 
engine in order to drive a car. I understand the the inner workings of an 
application how how it interacts with the differnent layes...

There are the eliete individuals... the top 5-10% that can actually write 
their own exploit code, but in the industrial industy where we are not 
creating our own applications, what good is it?

I'm not going to say if the cissp was good or bad.. but I ca tell you, after 
all the studies and time in prep, I understand the business side of 
security. If you dont understand that side of it.. you can hack all you want 
from a dark room in the basement, but your never going to be able to make a 
bigger impact in the industry as a whole. Its money that makes the world 
move.

I cannot say that my skill at preventing a hack was any better after the 
cissp then before it... but because of the certification, it placed me into 
a position where I can learn far more then sitting in my dungeon at home.



-Jeff Wilder
CISSP,CCE,C/EH



-----BEGIN GEEK CODE BLOCK-----
  Version: 3.1
	GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M--
	V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++
	G e* h--- r- y+++*
------END GEEK CODE BLOCK------





>From: "sk" <sk@...undzero-security.com>
>To: <full-disclosure@...ts.grok.org.uk>
>Subject: Re: [Full-disclosure] IT security professionals in demand in 2006
>Date: Mon, 5 Dec 2005 03:45:18 +0100
>MIME-Version: 1.0
>Received: from lists.grok.org.uk ([195.184.125.51]) by MC8-F37.hotmail.com 
>with Microsoft SMTPSVC(6.0.3790.211); Mon, 5 Dec 2005 00:59:24 -0800
>Received: from lists.grok.org.uk (localhost [127.0.0.1])by 
>lists.grok.org.uk (Postfix) with ESMTP id 322AE27D;Mon,  5 Dec 2005 
>08:57:53 +0000 (GMT)
>Received: from hosting.g-0.org 
>(hosting.GroundZero-Security.com[217.172.172.12])by lists.grok.org.uk 
>(Postfix) with ESMTP id 8370DD8for <full-disclosure@...ts.grok.org.uk>;Mon, 
>  5 Dec 2005 02:46:53 +0000 (GMT)
>Received: from nuclearwinter (p5499EDB0.dip.t-dialin.net 
>[84.153.237.176])by hosting.g-0.org (8.13.1/8.13.1/SuSE Linux 0.7) with 
>SMTP idjB52kT8u006885for <full-disclosure@...ts.grok.org.uk>; Mon, 5 Dec 
>2005 03:46:42 +0100
>X-Message-Info: JGTYoYF78jG54YUSJSmbzlfPWdFewmiFRINzDDRhcKc=
>X-Original-To: full-disclosure@...ts.grok.org.uk
>Delivered-To: full-disclosure@...ts.grok.org.uk
>References: <6450e99d0512041801p4adf24bclb8deaeefd203fa9a@...l.gmail.com>
>X-MSMail-Priority: Normal
>X-Mailer: Microsoft Outlook Express 6.00.2800.1506
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
>X-Mailman-Approved-At: Mon, 05 Dec 2005 08:57:42 +0000
>X-BeenThere: full-disclosure@...ts.grok.org.uk
>X-Mailman-Version: 2.1.5
>Precedence: list
>List-Id: An unmoderated mailing list for the discussion of security 
>issues<full-disclosure.lists.grok.org.uk>
>List-Unsubscribe: 
><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
><mailto:full-disclosure-request@...ts.grok.org.uk?subject=unsubscribe>
>List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
>List-Post: <mailto:full-disclosure@...ts.grok.org.uk>
>List-Help: <mailto:full-disclosure-request@...ts.grok.org.uk?subject=help>
>List-Subscribe: 
><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
><mailto:full-disclosure-request@...ts.grok.org.uk?subject=subscribe>
>Errors-To: full-disclosure-bounces@...ts.grok.org.uk
>Return-Path: full-disclosure-bounces@...ts.grok.org.uk
>X-OriginalArrivalTime: 05 Dec 2005 08:59:24.0758 (UTC) 
>FILETIME=[30A82760:01C5F97A]
>
>CISSP is bullshit. as eeye said 99% of the security consultants do their
>pen-tests with automated tools which is pathetic in my opinion.
>if you cant write exploits, you are no professional, more like a steam
>blower. how can someone be professional when he doesnt
>even understand how an exploit works in deep? what if there are custom
>scripts or exotic daemons installed? without beeing able to audit
>code and understand how certain bugs are beeing exploited, how can someone
>think he got enough clue to do a professional security audit?
>its just a rip off of the customers as simple as that. or would you pay
>someone to run an automated tool against your host, sit back and wait
>till a nice pdf statistic is generated so he got something to present to
>you? of course you wouldnt. in the 90s the people still had to learn on
>their own and all the mainstream hackers who speak at your conventions 
>didnt
>learn their knowledge from stupid class rooms.
>everyone who thinks hes a security professional or even a hacker after he
>made some certs, is just living in a dream world.
>then again the media plays well with the steam blowers so they can make a
>nice living..
>sorry i just had to say that since its going on my nerves how all these
>people suddenly think their stupid certs make em special, but then if
>it comes to knowledge everyone is cluless...
>
>-sk
>----- Original Message -----
>From: "Ivan ." <ivanhec@...il.com>
>To: <full-disclosure@...ts.grok.org.uk>
>Sent: Monday, December 05, 2005 3:01 AM
>Subject: [Full-disclosure] IT security professionals in demand in 2006
>
>
> > http://www.computerworld.com.au/index.php/id;923889191;fp;16;fpid;0
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ