Hi Lisa,

Seeing as you have experience in the security field I have a similar but slightly different question for you. I've been working in the Linux admin/dev field for about 6 years now and security is something that's always interested me but I've always felt I didn't quite have the skills to cut it. I'm familiar with a lot of the concepts and can comfortably use tools like Metasploit, nmap and ssh tunnels but those seem pretty introductory to me. I've been able to write buffer overflow exploits in a lab setting (like here's some unsanitized input, go write some shell code with a NOP sled to exploit it) and same for things like SQL injections; it seems easy in the context of WebGoat but making the leap to real live code has just seemed too difficult.

My actual question is what's the best way for a reasonably knowledgeable admin or developer to break into security and get enough experience to merit actually being paid for that sort of work?

--
Paul Mooring
Systems Engineer and Customer Advocate
www.opscode.com

From: Lisa Kachold
Reply-To: Main PLUG discussion list
Date: Tuesday, March 12, 2013 7:27 PM
To: Main PLUG discussion list
Subject: Re: Linux security focus

Hello Blake,

There is always a big need for Linux/Unix/Windows security people. Security generally involves all attack vectors in a corporate environment. The type of work you do often centers around scanning and/or ticket hockey type work. You are generally told to state X irregardless of the technical details of the issue.

I have worked extensively in Unix/Linux/Internet Service Provider security, and I prefer Linux/Unix systems administration.

Getting certifications is your ticket to working at any of the big shops. Also, there are a good deal of contract positions open right now, because people are gun shy (pardon my pun) of recession based changes.

All of us have had to come to terms with the reality of contract work (the gold watch and retirement plan went away with our parents' generation) and short term employment. The average Linux Administrator position is about 26 months (varies by survey). Security contracts are often 12 months or less.

You certainly need to keep up with all security related news and use some of the tools (Metasploit, aircrack-ng, nmap, ssh tunneling) and technologies (network OSI stack up related to TCP/IP).

Come to our Hackfests at DeVry University the first Saturday of every month 11-2, where we have more than a few people who can get into anything, work in some of the big shops in town, and join us as we attack virtual systems (setup with multiple exploits for your edification).

Hope to see you there?

On Tue, Mar 12, 2013 at 6:55 PM, blake gonterman wrote:

Hello all,

I attended a few of the stammtisches a few years back, but kind of fell out of the Linux community... I've been working at a medium sized company trying to figure out where to go next. A coworker of mine is suggesting I go down the road of Unix security. To that end, I've built a small lab at home and have started getting back into learning the tools available. I'm not looking for a glamorous pentesting position, just a functional security position focused on Linux.

I'm curious what people already in the field are focused on these days. I have quite a bit of experience with FIM (tripwire) and I'm focused on McAfee Web Gateway at work currently. Once my contract is over at the end of the year, I want to focus on more Linux related work.

So, is there a need for a dedicated Linux security person here in the valley, or should I focus on the sysadmin portion and work security into the mix? By the way, I have the RHCSA certificate, I just decided standard sysadmin work wasn't for me.

Any input is welcome.
Thank you,
Blake

--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown