July 16th, 2004, 07:17 AM
I am thinking of going to the SANS Network Security Conference in Las Vegas (http://www.sans.org/ns2004) to take one of their security auditing tracks (Track 7 (http://www.sans.org/ns2004/description.php?tid=71) or Track 10 (http://www.sans.org/ns2004/description.php?tid=58) ). These are a little pricey and I don't think I can get my employer to pay so I wanted to hear what people thought of these SANS courses (or any SANS courses for that matter).
Also, at what level are they taught? Track 10, at least, looks pretty basic from the outline but perhaps the course is more intense?
Thanks for any feedback
July 16th, 2004, 04:20 PM
I took track 3 (Intrusion Detection) last year and thought it was really good. Being very new to this arena it was pretty overwhelming but I learned a great deal. If you go, be sure to take in some of the evening sessions and BOF sessions. And check out the IPNet. There's a lot of cool stuff going on there.
July 16th, 2004, 09:05 PM
In general the SANS courses are very good: well taught by both knowledgeable and good instructors, and are pretty deep content wise - think of "drinking from a firehose" statement...lots of material in short period of time. Many of the tracks are geared toward people who already have some experience in security but some are beginner level.
I took the Audit track, #7, and learned alot about what and how to audit sytems. It gave a good depth for many different areas to audit and helped me craft my auditing strategy. I had some great instructors that I recommend such as Stephen Northcutt, John Green, and Randy Marcheny.
I also took the CISSP 10 domains prep class taught by Eric Cole. It was another very good class and Eric is a fine instructor. It is geared toward teaching you the 10 domains of CISSP for certification.
A fellow network/security friend of mine, with many years of experience managing firewalls, took the firewalls track and thought it was very good as well.
Again, the SANS courses, while are pretty pricey, are high quality material and value IMO and worth it.
Hope this helps.
July 17th, 2004, 04:59 AM
Unix Security Admin
part of the Intrusion detection
and their course on business law and computer security.
I think they've all been good courses so far. The conferences are great.
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
July 17th, 2004, 11:22 PM
Been to Tracks I and IV, both were excellent.
FYI, when I attended Track IV in Wash DC. There were a couple of guys in the track with us who were working for the conference. They had signed on to be gophers for the instructors, and help monitor badges. For that they got to sit in the entire track free of charge. SANS taught 8 of their tracks in DC, and had 2-3 of these type of folks in each classroom.
They should be accepting volunteers on their web site. Just a thought if funding is an issue!
Also, I plan on going back for Tracks III, VII, and VIII. As time and $ permit.
\"If you take a starving dog in off the street and make him prosperous he will not bite you, this is the principle difference between a dog and a man\" - Mark Twain
July 19th, 2004, 12:58 AM
Thanks for the replies.
I think I will be making plans for Vegas.