OT: Security Begginer

Mike Garfias mike at garfias.org
Tue Aug 28 18:11:42 MST 2007 

Then start hitting the the various bugtracking lists, the IRC  
channels discussing these sorts of things.  Become good at finding  
minimal-day exploits and figuring out how to use them.  Learn to use  
nessus, nmap, metasploit, etc.  Read the RFCs for the major  
protocols.  Buy a copy of TCP/IP Illustrated and read/understand it.

I'd also find a piece of software you want to exploit (say bind),  
find a vulnerable version of it, and learn how to build and run the  
exploits against it.  You need to be familiar with the process of  
exploiting a box/network before you can reliably protect them.

Networking is very very very important.  Hacker types tend to clump  
together in groups and help each other learn.  Find them and become  
one of them.  The side benefit of that is that they also tend to help  
each other find jobs.

Once you have the background then look into the CISSP.  But I'm  
willing to bet by then you'll be employed.

On Aug 28, 2007, at 5:51 PM, Ray Cantwell wrote:

> I think i am leaning more toward the pen-test, network security  
> side of
> the fence.
>
>
> Mike Garfias wrote:
>> I think it really depends on what you want to do.
>>
>> Simple scanning of client systems looking for vulns?  Or do you want
>> to be someone giving talks at Defcon?  Do you want to do QA or dev on
>> security software?  All have different paths.
>>
>> Before I can give you more advice I need to know more.
>>
>> On Aug 28, 2007, at 12:59 PM, Ray Cantwell wrote:
>>
>>
>>> Hello,
>>> Sorry to post here but, i know that a few of you out there are
>>> currently
>>> working in the field of security. I was wondering if any of you
>>> have any
>>> advise for someone trying to break in to the field, i am finding it
>>> very
>>> hard to find someone willing to a new guy a chance.
>>> Thank you,
>>> Ray
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> !DSPAM:14,46d4c32c38421720972052!
>
>

More information about the PLUG-discuss mailing list