Zombies
Stories of zombies originated in the African Caribbean spiritual belief system of Voodoo, which told of the people being controlled as laborers by a powerful wizard.

SANS Training

Posted: August 26th, 2009 | Author: Matt | Filed under: Education, InfoSec | Tags: , , | No Comments »

SANS a French preposition meaning “without”

I’m probably just going to end up sounding like a completely besotted fan boy who’s looking for some free stuff or perhaps a night on the town with some older lady in a satin dress. What I’m really trying to do is let people know about the SANS training. A lot of people are probably trying to decide whether or not to spend the rather large amounts of money required to go on SANS training. Hopefully this will answer a few questions and clear up any doubt. I am not affiliated with SANS, they aren’t giving me free stuff and no one from SANS is going to take me out for a night on the town. In a nutshell, you’re going to get an unbiased opinion.

I am currently doing the SANS SEC560 – Network Penetration Testing and Ethical Hacking course via the SANS @Home / vLive. This means I have to wake up at 1am because silly me forgot to check the times that it runs in the States versus the times it is here in merry old South Africa. Good times.

Classes

You sign into Elluminate via Java Web Start which is a little scary considering the recent Apple / Java stuff. What you get is a paned “browser” type setup with the main focus on the slides they will be showing that evening in the class. There is another with a list of all the people in the class with a section to enter your questions. When the class runs you are able to ask questions / post opinions etc. to the entire class and have them answered in real time. Very cool. The instructors talk through the slides, giving opinions, “what out for this” and other such goodness. There was even a case the one night when Bryce Galbraith opened and shared his terminal window with the class just to show us something and drive the point home. I find this way of learning so much better than the usual book worming as I battle to just read through books or slides and then work through exercises.

Exercises

Yes, there are exercises, LOTS of them. You are given VPN access into “The Lab” where SANS have setup various machines for you to scan, exploit and generally play around with. Very cool. No reading about “oh, here this is what a scan looks like”, you actually run the scans yourself from a virtual image with all the tools required already installed. Did I say “image” ? Yes, you get a pre-configured Vmware image to run with all the various tools already installed and ready to run. No messing around trying to get stuff working 5 minutes before class. Oh, and the access to the “test” servers ? Awesome. Fire up the VPN, and run through the exercises in real time. Learn by doing…

Instructors

The current class is being run by Jon Strand, Ed Skoudis and Galbraith. I’m not going to say any more on these guys. Let’s just say they all engage the class completely. Questions from the class are answered promptly and accurately. If they can’t be answered an email is sent and the answer is given either at the end of class or in the next one. I’ve sent Ed and John a couple of emails both about the course material and a couple of “off topic” queries and both times I had an answer in my Inbox the next day.

So yeah, in conclusion, if you’re thinking about taking a SANS course or trying to decide between SANS and perhaps another provider, go with SANS. You won’t be disappointed. I for one cannot wait until I can go on some more training. Probably sometime in the year 2025 because of the Rand/Dollar problem, but we can only  hope.

Thanks Ed, John and Bryce. You guys rock.