[wplug] GIAC certification
Rob Nelson
ronelson at vt.edu
Wed Dec 19 16:51:40 EST 2001
>How was the SANS course. Did it cover new or unfamiliar ground, or was it
>mostly a reemphasis of current published standards? Do you feel as though
>it was worth the time/effort? Thanks.
I'd recommend that those planning on attending college get their financial
loans and put it towards SANS seminars instead. I mean, I liked it a lot :)
While the course didn't cover anything I couldn't find in a book, or maybe
even think of on my own, it put it all together. Hey, I'm busy. I don't have
the time (or the money) to buy 20 books and read them to figure out how
firewalls and perimeter protection (the track I attended) would best be
deployed. But I can spend 5 days with 100 other people learning about it,
hearing the stories of what happens when it goes bad, and talk with other
people about it. I just can't rave about it enough.
Oh, and the certification is world's apart from any cert I've seen. You have 8
weeks to put together a paper, determined by your track. For firewalls, I have
to design a network including VPN's, firewalls, routers, internal firewalls, a
protected service network, and some other gizmos; then part 2 is to give the
rulesets on the primary firewall, the primary router, and the VPN device; part
three is to plan and then execute an audit of the primary firewall; part 4 is
to take another exam, grab their section 1, find and poke three holes in it.
Minimum 20 pages. Then I have two weeks to study for and take two 75 question
tests, 90 minutes each. If I get this (if!) then I will certainly feel I
accomplished something, and my boss will too! And, if I get above a 90 on
either section, I get a nomination to be on the Firewalls advisory board, to
plan future courses and exams. Pretty dang cool.
Aside from the classes, there were some really awesome evening sessions. One I
went to was about the cert, which I explained above, and another was "Fighting
Back, A Response to CyberCrime", by Alan Palmer. FYI, he was one of the
experts in the mafiaboy trial and has helped form incidents.org and
packetstorm. His talk was excellent, and put a light at the end of the
very-very-dark internet security tunnel. I didn't get to go to any Bird's of a
Feather session (the one I wanted to go to, someone scheduled for 5pm, when a
vendor presentation was going on!) but some of the guys I met there said they
were pretty cool. Free beer at anything after-hours helped a lot, I'm sure.
To sum it up, I heartily recommend it to anyone who even thinks the word
security between 9-5. It's a completely vendor-agnostic seminar with some
really cool teachers, and SANS organization just keeps you coming back for
more. I'm already planning a push for a March SANS even where Mr. "Honeynet"
Spitzner will have a two-day talk on how to set up a honeynet!
Rob Nelson
ronelson at vt.edu
More information about the wplug
mailing list