Penetration Testing mailing list archives
Re: OSCP
From: Craig Wilson <cwilson () ppilearning com>
Date: Wed, 17 Dec 2008 06:45:21 +0000
Of course it is just paper, no different from OSCP. In any profession there will those who are not wholly competent. ----- Original Message ----- From: listbounce () securityfocus com <listbounce () securityfocus com> To: christopher.riley () r-it at <christopher.riley () r-it at> Cc: andreg () gmail com <andreg () gmail com>; arivas () hyphensolutions com <arivas () hyphensolutions com>; listbounce () securityfocus com <listbounce () securityfocus com>; pen-test () securityfocus com <pen-test () securityfocus com>; pen-test-return-1078487582 () securityfocus com <pen-test-return-1078487582 () securityfocus com> Sent: Tue Dec 16 20:47:23 2008 Subject: Re: OSCP I have seen this same problem so often it just eats me. I know a company that had a test done by Earnest and Young in Nairobi, and the only vulnerability that was found is the zone file transfer, and the guys are CISSP certified, so whenever we meet with my fellow group of pentester we laugh at it, saying,"u are vulnerable to dig!" Secondly u will see employers, like a company called Safaricom employing CISSP, and the other day i watched one of them trying to figure out how a SQLi really works. I think CISSP is just a paper. But business is always business. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- RE: OSCP Leach, Paul (Dec 18)
- Re: OSCP NeZa (Dec 18)