I went to a SANS Forensic course (508) last year and a few weeks ago I decided to try something new… to stay at home and dedicate 5 days to do their Ethical Wireless Hacking training course (617).

Let me first say that the 617 training course was really good, the author of the course and the recordings were made by Joshua Wright who runs the http://www.willhackforsushi.com blog. He is very knowledgeable and his enthusiasm was even contagious through audio only. In fact this is a huge understatement! I was truly amazed by his skills, stories and training delivery!
So much that for 7 days I was up at 9am and worked until 2am each day on the different content material covered by the course.

As I almost lost my sanity and started dreaming of ToDS/FromDS bits and fuzzing I thought I would share a few tips on this type of training course.

– Check the last time the course was updated, and if there is an upcoming update – with SANS or with the author. The course I took was last updated about a year ago and as I checked the author blog it did sound as if a lot have changed since then. He may be updating his material soon. (This week??)
– Prepare your training environment a few days in advance: is a dedicated laptop required? vmware installation? what are the OS requirements? You may need much more time to bring everything up to date, making sure everything works (i.e.: driver udpate required). Although I did a few prep on the Sunday evening, I spent all Monday morning configuring my “Lab Laptop”.

– Do not book an exam straigth after the training course. Although it is tempting because everything is fresh in your mind, it also means you have much more pressure to read and digest everything in the course.

– I would recommend you break down the training course over the months you have (The Ondemand courses give you 4 months!). In fact, I would recommend 2 days a week training other 3 weeks. And use the rest of the days to do your lab exercises.

– Be careful with the time the labs require. It can indeed takes much more time that is planned for in the training timetable. This is especially true if you want to do all the exercises, even the optional ones, and if you get curious after learning something new. I.e.: you may want to research a tool you have just used on the internet, check if there is a new version, install it, realise you need to compile it and that you do not have the right library for this, etc, etc.. You can quickly endup spending 2h on a 10 minutes exercise. Although you would have fully understood it and more, you will also be feeling the pressure to catch up on the training plan!

– Do the two practise tests! they are really close to the real thing! do them in the same conditions as the exam: do not use your computer to do anything else than answering the multiple questions, print out any notes and see if their format works, block the allocated time, etc.

– Do an extensive index of the course material, this will be invaluable during the exam to conduct a quick search in the training books.

The main, and somewhat obvious, difference between a training at a conference center and one on demand from home is that no one is pushing you to rush.
At a conference, if you only have 25 minutes for a lab exercise, that is it… at home… you may be carried away… As explained above it is easy to get delayed and running behind scheduled.

So of course, you could just be disciplined… but if you are as curious as I am, then I would strongly advise you take your time with this type of training medium!

To conclude, I cannot recommend enough this SANS course. It provides an incredible level of depth related to wireless hacking technics. I found that course eye opening more that once and the ondemand training platform works very well.
I do however regret not taking it at a conference for only one reason, I would have liked to meet Joshua in person!