OT: Security Begginer

Ray Cantwell hacktavist at cox.net
Tue Aug 28 19:58:06 MST 2007


Mike,
thank you very much, that was very in depth and gave me a very good 
jumping off point. I will take your advise to heart.

Mike Garfias wrote:
> Then start hitting the the various bugtracking lists, the IRC  
> channels discussing these sorts of things.  Become good at finding  
> minimal-day exploits and figuring out how to use them.  Learn to use  
> nessus, nmap, metasploit, etc.  Read the RFCs for the major  
> protocols.  Buy a copy of TCP/IP Illustrated and read/understand it.
>
> I'd also find a piece of software you want to exploit (say bind),  
> find a vulnerable version of it, and learn how to build and run the  
> exploits against it.  You need to be familiar with the process of  
> exploiting a box/network before you can reliably protect them.
>
> Networking is very very very important.  Hacker types tend to clump  
> together in groups and help each other learn.  Find them and become  
> one of them.  The side benefit of that is that they also tend to help  
> each other find jobs.
>
> Once you have the background then look into the CISSP.  But I'm  
> willing to bet by then you'll be employed.
>
> On Aug 28, 2007, at 5:51 PM, Ray Cantwell wrote:
>
>   
>> I think i am leaning more toward the pen-test, network security  
>> side of
>> the fence.
>>
>>
>> Mike Garfias wrote:
>>     
>>> I think it really depends on what you want to do.
>>>
>>> Simple scanning of client systems looking for vulns?  Or do you want
>>> to be someone giving talks at Defcon?  Do you want to do QA or dev on
>>> security software?  All have different paths.
>>>
>>> Before I can give you more advice I need to know more.
>>>
>>> On Aug 28, 2007, at 12:59 PM, Ray Cantwell wrote:
>>>
>>>
>>>       
>>>> Hello,
>>>> Sorry to post here but, i know that a few of you out there are
>>>> currently
>>>> working in the field of security. I was wondering if any of you
>>>> have any
>>>> advise for someone trying to break in to the field, i am finding it
>>>> very
>>>> hard to find someone willing to a new guy a chance.
>>>> Thank you,
>>>> Ray
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>         
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>>
>>>       
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>> !DSPAM:14,46d4c32c38421720972052!
>>
>>
>>     
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>   



More information about the PLUG-discuss mailing list