Mike,
thank you very much, that was very in depth and gave me a very good
jumping off point. I will take your advise to heart.
Mike Garfias wrote:
> Then start hitting the the various bugtracking lists, the IRC
> channels discussing these sorts of things. Become good at finding
> minimal-day exploits and figuring out how to use them. Learn to use
> nessus, nmap, metasploit, etc. Read the RFCs for the major
> protocols. Buy a copy of TCP/IP Illustrated and read/understand it.
>
> I'd also find a piece of software you want to exploit (say bind),
> find a vulnerable version of it, and learn how to build and run the
> exploits against it. You need to be familiar with the process of
> exploiting a box/network before you can reliably protect them.
>
> Networking is very very very important. Hacker types tend to clump
> together in groups and help each other learn. Find them and become
> one of them. The side benefit of that is that they also tend to help
> each other find jobs.
>
> Once you have the background then look into the CISSP. But I'm
> willing to bet by then you'll be employed.
>
> On Aug 28, 2007, at 5:51 PM, Ray Cantwell wrote:
>
>
>> I think i am leaning more toward the pen-test, network security
>> side of
>> the fence.
>>
>>
>> Mike Garfias wrote:
>>
>>> I think it really depends on what you want to do.
>>>
>>> Simple scanning of client systems looking for vulns? Or do you want
>>> to be someone giving talks at Defcon? Do you want to do QA or dev on
>>> security software? All have different paths.
>>>
>>> Before I can give you more advice I need to know more.
>>>
>>> On Aug 28, 2007, at 12:59 PM, Ray Cantwell wrote:
>>>
>>>
>>>
>>>> Hello,
>>>> Sorry to post here but, i know that a few of you out there are
>>>> currently
>>>> working in the field of security. I was wondering if any of you
>>>> have any
>>>> advise for someone trying to break in to the field, i am finding it
>>>> very
>>>> hard to find someone willing to a new guy a chance.
>>>> Thank you,
>>>> Ray
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>>
>>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>> !DSPAM:14,46d4c32c38421720972052!
>>
>>
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)