The TCP/IP Guide, Accelerated C++, Visual C++.Net The Compelete Reference

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

The TCP/IP Guide: http://www.amazon.com/TCP-Guide-Comprehensive-Illustrated-Protocols/dp/159327047X

Accelerated C++: http://www.amazon.com/Accelerated-C-Practical-Programming-Example/dp/020170353X

Visual C++.Net - The Compelete Reference: http://doi.contentdirections.com/mr/mgh.jsp?doi=10.1036/0072129581


Right basically to start with i want to get into Network Security and penetration testing. I will be starting to study CCNA in about a month. I have been told the books above are crucial for learning Networking and C++. Now all i need a 1 or 2 security related books.

I already have the following Security book: http://www.sybex.com/WileyCDA/SybexTitle/productCd-0782141447.html

but i find it a bit useless as you would have to have read the other sybex books in the series to actually understand what its talking about.

Any advice would be appereciated.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

They are all excellent books, I've actually met Andrew Koenig and Barbara Moo and they really know their stuff. Andrew even has part of the C++ spec named after him 'Koenig lookup'.

You will not pick up all the topics immediately, studying a language like C++ and picking up a framework like .Net is going to take you at least a couple of years. Likewise with much of the networking knowledge.

Best of luck with your choose career path, stick to the path and you'll get there eventually !

 

Interesting. You need C++ and .Net for Security? That seems quite a tall order along with the other requirements.

Harry.

 

Thank you im hoping to go into Security Penetration at the end, so really for me to get into that id need to know programming, networking and network security

 

sorry who told you, you need programming to get into security penetration?

From CWJobs.co.uk might help you a little
http://www.cwjobs.co.uk/JobSearch/Results.aspx?Keywords=penetration+tester&Radius=5

 

I found this a good intro into C++

Essential C++

Seems to cover the basics well, of course I'd already read The C++ Programming Language three times by the time I came to it !

I'd have thought you might find mastering networking and programming at the same time challenging. You do have a valid point though in that to create exploits you would need a deep understanding of many areas.

Security is a cross cutting concern that covers all areas, people around here seem to focus on infrastructure hardening.

 

Thanks for the link, but dont you need to be able to read and write vunribalities? Or at least be able to read them?

 

I'd imagine a lot of pen testers just reuse well known exploits, they are just 'Testers' running scripts. The interpretation of the results or creation of exploits does require a little more know how.

 

exactly :P so i would need to know programming if im going to be able to read the exploit, configure it and then execute it hehehehe

 

Well I'm no pen tester, but heres how I see it.

Chances are you will need to join as a junior, the tools and processes will probably already be defined for you. It probably won't be until later in your career you get to mess with stuff more.

The tools/scripts/exploits could be written in any one of many languages, C++ may or may not be relevant. Assembler may be required to make use of buffer exploits, javascript for cross site scripting, SQL for SQL injection, assembler for dissassembling code and performing static analysis. Then theres the knowledge of networking protocols and their weaknesses, Social engineering, file encryption, physical security, the list is endless.

 

ahh ok so i shouldnt really bother about the programming that much at this stage just concentrate on networking and security. Thanks

 

what IT experience and certifications do you hold?

 

Nothing at the moment.

 

You know that you can't really jump into networking security and penetration testing without several years of IT experience, right? Would see you hate to spend a bunch of time and effort just to find this out the hard way...