Mike, thank you very much, that was very in depth and gave me a very good jumping off point. I will take your advise to heart. Mike Garfias wrote: > Then start hitting the the various bugtracking lists, the IRC > channels discussing these sorts of things. Become good at finding > minimal-day exploits and figuring out how to use them. Learn to use > nessus, nmap, metasploit, etc. Read the RFCs for the major > protocols. Buy a copy of TCP/IP Illustrated and read/understand it. > > I'd also find a piece of software you want to exploit (say bind), > find a vulnerable version of it, and learn how to build and run the > exploits against it. You need to be familiar with the process of > exploiting a box/network before you can reliably protect them. > > Networking is very very very important. Hacker types tend to clump > together in groups and help each other learn. Find them and become > one of them. The side benefit of that is that they also tend to help > each other find jobs. > > Once you have the background then look into the CISSP. But I'm > willing to bet by then you'll be employed. > > On Aug 28, 2007, at 5:51 PM, Ray Cantwell wrote: > > >> I think i am leaning more toward the pen-test, network security >> side of >> the fence. >> >> >> Mike Garfias wrote: >> >>> I think it really depends on what you want to do. >>> >>> Simple scanning of client systems looking for vulns? Or do you want >>> to be someone giving talks at Defcon? Do you want to do QA or dev on >>> security software? All have different paths. >>> >>> Before I can give you more advice I need to know more. >>> >>> On Aug 28, 2007, at 12:59 PM, Ray Cantwell wrote: >>> >>> >>> >>>> Hello, >>>> Sorry to post here but, i know that a few of you out there are >>>> currently >>>> working in the field of security. I was wondering if any of you >>>> have any >>>> advise for someone trying to break in to the field, i am finding it >>>> very >>>> hard to find someone willing to a new guy a chance. >>>> Thank you, >>>> Ray >>>> --------------------------------------------------- >>>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>>> >>>> >>>> >>>> >>>> >>>> >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> >>> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> !DSPAM:14,46d4c32c38421720972052! >> >> >> > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss