Where to start if you want to embark on a Network Security career?

DannyBoy

Start by getting a certified networking qualification behind you, for instance CCNA.

Then take an extended course in security, and learn as much as you can from whatever available resources.

It might be worth getting into certain areas of computer programming too, dependent on what type of security you want to deal with.
 

SaigonK

I am interested in IT Security as well, I think it would be a blast to do.
Of course, I need to get off my arse and move forward with those plans. :)
 

cmetz

CoolTech, learn UNIX. Linux, OpenBSD, and Solaris in particular. Learn Windows if you haven't already. Learn the IP protocol suite, and the IEEE Ethernet protocol suite.

That should keep you busy for a little while, but these are the foundation on which to build such a specialization.

I'm very anti-certification. I've met too many people who have a lot of four-letter acronyms on their resume but don't *know anything*. The way you really learn this stuff is by doing, and to break the catch-22 of not being able to be employed doing it without knowing it, you should set up a test bed at home (a few PCs and a switch can do wonders) and learn as much as you can self-directed.
 

Boscoh

I am in this industry. It's an interesting field to be involved in, and pretty challenging sometimes. I'd say that a college degree is a good start, and unless you really know someone you're going to have trouble getting started without one.

Certifications are nice, but don't focus on them. Real-world experience is better than having letters after your name any day of the week. All I hold is a CCNA and that's only because I deal with a lot of Cisco equipment.

I personally think vendor-neutral certs like the CISSP are a great way to go until you get into a job with customers running specific equipment. Some employers might want you to have those certs before you get hired, but if you're looking for anything as a starting point for security certs, CISSP is where I'd look. CCNA is great for general networking and Cisco knowledge...but don't think that a CCNA is going to catch you up with the rest of the industry in general networking knowledge.

Like cmetz said, you need to know the basics before you ever even worry about a certification. Learn all versions of Windows, Unix, Linux, FreeBSD, and all the others you can get your hands on. You need to learn how processes work, stacks, overflows, and all that other good kernel-level stuff. Learn all about TCP/IP. Knowing C/C++ is pretty good too. You need to know a lot about LAN and WAN routing and switching too and all the technologies that go along with that (Ethernet, Frame Relay, ISDN, ATM, etc.) unless you only want to focus on application security.

There's a ton of information you're going to have to learn...this is a hard field to get into, so make sure you really want to do it and you're serious and going to give it a 110% effort before you get into it. Anything less and you're doing a disservice to any of your potential customers.
 

CoolTech

Good info, thanks.
 

mboy

Learn how to hack!

Learn TCP/IP INSIDE and OUT and as cmetz said, learn UNIX (or some form of 'nix). Real hackers (and of course security guys) use Unix, not Windows (although you need to know how to hack and secure both).
If you have no sys admin type background, get one real quick.
 

Boscoh

And if you're going to be a security professional, you need to make the following websites a part of your daily life:

dshield.org
gtoc.iss.net
sans.org
trendmicro.com
www.cert.org
securityfocus.com
eweek.com


There are also a few lists you should subscribe to, such as:
BugTraq
NT BugTraq
Dshield
SecurityFocus Incidents
ISS
CERT

I'd also highly recommend that at your home you have a 'sacrificial lamb' box that you don't care about loaded with Windows XP (if you have more servers, you can put other OSes on them like 2000, 2003, Linux, etc.) and all the latest patches. Don't put a firewall or router in front of it, just put a packet capturing utility on there that can save logs to another PC (with a firewall set up to only allow the particular port (or application) necessary to log from the packet capturer) so if it crashes you can view the stream that crashed it. If it's completely patched up with all the latest stuff and you're on a network like RoadRunner or Comcast or something, you should be one of the first to get hit with whatever new worm is out there roaming the net. This is how I found Blaster, and I told my boss about 18 hours before we ever saw the worm try to penetrate our network. Early warning can be a good thing sometimes. If nothing else to just let your boss know that you're on the ball.

I'd also recommend that you build your own test network, buy some stuff off eBay...you don't need to worry about warranties or whatever. You just need a couple good switches and a good router or two and a nice firewall so as you learn about new concepts like VLANs and VPNs and other stuff you can actually implement them on your test network and REALLY grasp the concept.

Like I said in my earlier post, there's a lot of info out there, and this requires a LOT of devotion to be a good security engineer. I'm assuming you're already familiar with the IT industry and know to expect phone calls and pages at obscene hours of the morning waking you up, and working for 2 or 3 days straight, and at times having very little time for a social life. You're going to probably spend a couple years learning everything in the OSI model from Layer 1 to Layer 7 in depth and really understand what you're cramming into your brain. Don't expect to study for 6 months and then land an 80k/yr job. You need to do this for your love of the work, not the money. If you love the work, the work will eventually reward you.

I don't mean to preach, I just aim to convey the amount of dedication that the security field requires to really be a good professional. This goes for a lot of other network/systems engineering jobs in the IT/IS field as well. I've come across a lot of people that call themselves "security professionals" and the extent of their network security is network-wide antivirus and a firewall. It goes a lot deeper than that...for instance: what if a user gets an email with a virus that your anti-virus software doesn't know about yet, or perhaps your server errored out downloading the newest updates and your clients aren't patched, or perhaps some new backdoor is embedded in a .jpg or animated .gif file and your antivirus software doesn't scan those. There are so many ways to get screwed out there, you ALWAYS have to stay on top of things.