1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Interested in Security?

Discussion in 'Computer Security' started by Phoenix, Apr 28, 2005.

  1. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    Are you interested in IT Security?
    Do you want to track down attacks on your network? and stop virii before it strikes? are you heading toward an MCSE:Security but want to know more?

    Here is a quick few pointers to bear in mind for the budding security professional, this is by no means a deffinative or perhaps even accurate list, this is based soley on my experiance as a security professional and discussions with other infosec pros

    1. Learn Linux, yeah I know, what a way to start it, I must be a Microsoft basher, on the contrary, I love my windows XP box, however there are numerous draw backs to it from a security viewpoint, firstly MS have crippled the TCP/IP stack for security reasons, making it harder to DDoS from a windows XP system, but also limiting what us techs can do when we are troubleshooting/scanning, 90% of all security tools are built on linux, windows ones are often just mimics of the OSS ones with fancy GUIs and fancy price tags, learn linux, and learn the core set of tools that an infosec professional uses, these are things like ettercap, nmap, nessus, ethereal and tcpdump along with many others (those are primarily scanning and data gathering tools) alot of them have been ported to windows but lose alot of thier functionality in the process due to again, that crippled tcp/ip stack
    2. Learn TCP, all of it, TCP is the fundemental building block of the internet, and learning how it operates at its most basic layer is key to understanding network security, i know all those flags and 1s and 0s may well be confusing at the moment, but trust me, learn TCP, learn its headers, its options, what does what, what goes where, and you will be a step closer to learning how to be a true security professional in the current interconnected world we live and work in :)
    3. Learn Binary, yup, bet you saw that one coming, coupled with TCP binary is another one of those shady things you knew about but didnt know much about, learn it, learn its conversions, learn how to calculate it in your head, live and breath 1s and 0s, it all matters, really!
    4. Practice! thats right, get a friend, or a few friends, at different locations, with different configs, and practice! let them scan you and view your logs, view your tcpscans and see what you can immediatly pick up on, what stands out? learn those log files, work out what goes where and what it all means, when the time comes for you to evaluate a real threat, you will know what is what, and why its there, or why its out of place
    Ofcourse this is not a deffinative guide, theres no easy way to become a security professional, its a varied and challenging role thats ever changing in the current climate, you would do best to learn those fundementals whilst keeping abreast of new changes and new events that might cause you concern
    Good luck in your endeavour to become an IT Security Professional. :)
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  2. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Excellent Phoenix - thanks. :)
    Certifications: MCP, A+, Network+
    WIP: Clarity

Share This Page