On becoming a Certified Ethical Hacker (CEHv9)

I've been trying to decide whether or not to write this post since I became a Certified Ethical Hacker (CEHv9) just over four weeks ago.

On the one hand, I don't want to go about blowing my own trumpet too much but, then again, as the title of Eric Sykes's autobiography put it, If I Don't Write It Nobody Else Will[*].Or to put it a slightly different way, if I have skills and qualifications that might be of some use to somebody, keeping them to myself is perhaps not the best form of advertising.

Mind you, if I tell everybody I'm a hacker then it might become somewhat more difficult to do any social engineering.

Notwithstanding all of that, having vacillated about telling people about this for over a month, I've decided to share it with you.

Incidentally, on the skills and qualifications front, I've written a little more about some of mine here, including links to various online profiles.

So what is it?

The Certified Ethical Hacker (CEH) qualification relates to assessing the security of computer systems using penetration testing techniques. The only real difference between an ethical hacker and an unethical hacker is that the ethical hacker acts with the permission of the target; the techniques and tools used are the same. Of course the ethical hacker doesn't do anything nefarious with any data they obtain, but their actions would likely render them liable to prosecution were they not granted (in advance) explicit permission to undertake those actions. This means that the training is pretty interesting and you're required to sign an NDA and to promise not to be naughty before you start. This also limits what I'm allowed to write about it here.

The training material is extensive - you'll see how thick the manuals are if you scroll down a bit - and there are also lots of useful files to download (via a unique code inside one of the manuals), including the course material itself as well as various hacking tools. The areas covered include such things as Hacking Websites (mostly via the usual suspects of SQL injection, XSS, CSRF), Hacking WiFi, Hijacking Bluetooth, Denial of Service, Social Engineering, etc, etc. There is a lot of emphasis on knowing how to use the various tools.

Whilst it's possible to take the exam after self-study, doing so requires you to submit proof of having been working in a security-related field for two years and you must also submit a CEH exam eligibility application and obtain authorisation from EC-Council before you can attempt the exam.

Sufficiently discouraged, I opted for training with Firebrand and, as with many other Firebrand courses, it was very good but rather intense. When you arrive at their Wyboston Lakes facility (which is just off the A1, near St Neots), you are supplied with everything you need so you can focus entirely on learning for the duration of your stay. The food was nice, there was lots of coffee, the bed was okay, the shower was hot, etc. Since I'm self-employed, time really is money (I don't get paid when I'm not at work), so I elected not to make use of the bar and gym facilities.

A lot of the other people on the course were with the police and various foreign governments. Everybody already knew quite a lot about at least one of the 18 different areas of study, but nobody was already an expert on everything.

By the way, if you train with Firebrand and they tell you to attend an orientation meeting the evening before the training starts in earnest the next morning, I advise you to attend; after meeting the other trainees we all spent a couple of hours in the classroom, with a break for dinner. The course ran over five days with the exam being administered on-site on the last day (that's how Firebrand do things and it makes life a lot easier). I think it's fair to say that on Friday morning we were all glad to have started learning on Sunday evening.

Continuing Education

In order to maintain my status as a Certified Ethical Hacker, over the next three years I am required to earn sufficient credits via the EC-Council Continuing Education (ECE) program. I think this is a good idea. There are various ways to earn these credits and these are (sort of) explained if you follow that link.

So what is it?

If you're getting a sense of déjà vu or you think the answer should be, "I've never seen one before, no-one has, but I'm guessing it's a white hole", then you should either see, or have already seen, this clip from Red Dwarf.

How do we know you're not making it up?

Good question. You can see proof by going to https://aspen.eccouncil.org/verify.aspx and entering my Candidate Name as Thomas Chantler and my Certification Number as ECC17937919365.

Conclusion

The CEHv9 qualification is very broad and covers a lot of material. There's a reason why the three manuals are four inches thick between them; there's a lot to learn.


It's a fascinating and very relevant subject and I really enjoyed learning more about it.

If you fancy having a go at it yourself, you can try some test questions on the EC‑Council website at https://www.eccouncil.org/Training/ceh-assessment. If you're going to take the exam, I'd advise you to brush up on your low-level networking knowledge. You will also need to know the syntax for several of the hacking tools. And most of the stuff from the manuals.

If you want to learn more about ethical hacking and you've got a Pluralsight subscription - and if you haven't, you can still get a three- or six-month subscription for free by joining the Visual Studio Dev Essentials program - it's definitely worth your while to check out Troy Hunt's Pluralsight videos.

And if you do sign up and get a free subscription, please let me know (in the comments section below) if it's still six-months. Even if they've reduced it by now, it's still an amazing offer.

If you want to go on a training course, I can recommend Firebrand. Tell them I sent you if you like, although I haven't got any kind of referral scheme set up with them, so there's nothing in it for me if you do.