Interested in Security?

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Are you interested in IT Security?
Do you want to track down attacks on your network? and stop virii before it strikes? are you heading toward an MCSE:Security but want to know more?

Here is a quick few pointers to bear in mind for the budding security professional, this is by no means a deffinative or perhaps even accurate list, this is based soley on my experiance as a security professional and discussions with other infosec pros

1. Learn Linux, yeah I know, what a way to start it, I must be a Microsoft basher, on the contrary, I love my windows XP box, however there are numerous draw backs to it from a security viewpoint, firstly MS have crippled the TCP/IP stack for security reasons, making it harder to DDoS from a windows XP system, but also limiting what us techs can do when we are troubleshooting/scanning, 90% of all security tools are built on linux, windows ones are often just mimics of the OSS ones with fancy GUIs and fancy price tags, learn linux, and learn the core set of tools that an infosec professional uses, these are things like ettercap, nmap, nessus, ethereal and tcpdump along with many others (those are primarily scanning and data gathering tools) alot of them have been ported to windows but lose alot of thier functionality in the process due to again, that crippled tcp/ip stack
2. Learn TCP, all of it, TCP is the fundemental building block of the internet, and learning how it operates at its most basic layer is key to understanding network security, i know all those flags and 1s and 0s may well be confusing at the moment, but trust me, learn TCP, learn its headers, its options, what does what, what goes where, and you will be a step closer to learning how to be a true security professional in the current interconnected world we live and work in
3. Learn Binary, yup, bet you saw that one coming, coupled with TCP binary is another one of those shady things you knew about but didnt know much about, learn it, learn its conversions, learn how to calculate it in your head, live and breath 1s and 0s, it all matters, really!
4. Practice! thats right, get a friend, or a few friends, at different locations, with different configs, and practice! let them scan you and view your logs, view your tcpscans and see what you can immediatly pick up on, what stands out? learn those log files, work out what goes where and what it all means, when the time comes for you to evaluate a real threat, you will know what is what, and why its there, or why its out of place

Ofcourse this is not a deffinative guide, theres no easy way to become a security professional, its a varied and challenging role thats ever changing in the current climate, you would do best to learn those fundementals whilst keeping abreast of new changes and new events that might cause you concern
Good luck in your endeavour to become an IT Security Professional.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Excellent Phoenix - thanks.