Page 3 of 6 FirstFirst 12345 ... LastLast
Results 21 to 30 of 57

Thread: Pentester Interview

  1. #21
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by pureh@te View Post
    In my short experience its mostly trouble shooting, the key for me is figuring out whats going wrong. I can 99% of the time find the fix on google but its the diagnosis thats important
    True indeed, Troubleshooting is an invaluable skill to have.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  2. #22
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by g3ksan View Post
    My job sucks, but I get what you are saying.

    It's not about answering the questions, I'm sure you've heard the saying, "Give a man a fish, you feed him for a day. Teach a man to fish, you feed him for a lifetime" It applies, and honestly if you don't think outside/around/etc the box, then you can't really succeed in IT or in infosec. IT people deal with a lot of fly-by-night technicians with their A+ and Network+ who don't know how to do anything besides pass a test. The field is filled with worms.
    Your job sucks because you have the wrong viewpoint of that phrase. Here's what I have posted above my desk.

    "Build a man a fire, he'll be warm for the night, set a man on fire, he'll be warm for the rest of his life".

    As I said before, a little bit of user's blood on the walls, keeps the rest in line. I do agree with you, there's a lot of people in the field that fell for the radio advertisements for high paying jobs in IT, and they think they're skilled in because they can download, and write inane posts on twatter.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #23
    Just burned his ISO Wisdom's Avatar
    Join Date
    Oct 2009
    Posts
    19

    Default

    Quote Originally Posted by streaker69 View Post
    Your job sucks because you have the wrong viewpoint of that phrase. Here's what I have posted above my desk.

    "Build a man a fire, he'll be warm for the night, set a man on fire, he'll be warm for the rest of his life".

    As I said before, a little bit of user's blood on the walls, keeps the rest in line. I do agree with you, there's a lot of people in the field that fell for the radio advertisements for high paying jobs in IT, and they think they're skilled in because they can download, and write inane posts on twatter.
    I'm going back to studying,you guys make me feel to little.
    The forums are addicting.I twitch if I go a day with out remote-exploit.Who would ever thought linux and w.e.p. cracking who lead to this.:D I'M A BACKTRACK JUNKIE.

  4. #24
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by streaker69 View Post
    "Build a man a fire, he'll be warm for the night, set a man on fire, he'll be warm for the rest of his life".
    That's great. I think I just found my next signature for the forums.

    Quote Originally Posted by pureh@te View Post
    In my short experience its mostly trouble shooting, the key for me is figuring out whats going wrong. I can 99% of the time find the fix on google but its the diagnosis thats important
    Id agree with this. The key is being able to think about problems logically, to get as much information as you can about whats going on (using diagnostics tools as well as Internet research), and then to apply that knowledge to solve the problem. For the more difficult problems, this process is usually iterative, e.g. you will search for an error message, it will suggest a solution, that changes the results you get slightly, you search again, find new information and repeat.

    Just about all of the posts I see on the forum relating to problems in BT could be solved using this method, and most will be solvable in one step.

    Quote Originally Posted by g3ksan View Post
    Yeah, honestly. I do IT work and I've learned all my skills from experience and self-learning. I don't get why people that do the work we do have to have a degree to get through HR departments for interviews, but c'est la vie
    There's a few reasons. A University Degree:
    • Is something quantifiable that you can demonstrate you have achieved in a resume. It helps narrow down a list of candidates
    • Shows you can commit to something for a period of years and follow through and complete it
    • Develops your reading and writing skills to a level that is needed in many higher level IT positions
    • Teaches you how to think critically (depending on the quality of the institution of course. Post grad courses are usually better for this)
    • Establishes a base of knowledge that is needed for many IT jobs. The tendency when you teach yourself is to learn only the stuff that you find interesting, and that is usually not the exact same set of skills you may need in a job. (So basically it forces you to learn stuff you may not want to learn but probably need to)
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  5. #25
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    5

    Default

    I have learned a lot by searching this forum.. I have learned even more from reading through this thread and watching those videos. I'm very new to Info Sec and am going back to school because I got laid off from another industry.

    This thread is great!

  6. #26
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Quote Originally Posted by g3ksan View Post
    IT people deal with a lot of fly-by-night technicians with their A+ and Network+ who don't know how to do anything besides pass a test. The field is filled with worms.
    First off the Net+ exam is not that easy. Second while I agree there are many people who give the field a bad name, but you shouldn't judge a book by its cover. There are many good IT people who have no certifications. I have both A+ and Net+ certifications but what I think sets me aside from most is that I'm passionate about the IT field. I take the time to learn as much as I can by myself and try to expand my knowledge in many aspects. I would do my work for free if it put food on my table and paid my bills but that of course is not realistic. I take this somewhat personally even though I know it isn't geared towards me, so I hope that you aren't looking at everyone with A+ and Net+ certs with a blind eye and automatically assuming they are crap.

    Really the only reason I have certs is to get my foot in the door. Without them I would be struggling to find any employer to even look at my resume.
    As far as getting a college degree in IT I think that it is unnecessary but probably quite helpful in doing the same thing certs will do. It's all about experience in IT. But many employers don't realize this or consider it a secondary requirement. If you want to get into infosec I think you need to get experience. Take it in steps and set yourself goals towards a career you will enjoy. Make sure it's what you want before you jump into it.

  7. #27
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Quote Originally Posted by hhmatt81 View Post
    . I take this somewhat personally even though I know it isn't geared towards me, so I hope that you aren't looking at everyone with A+ and Net+ certs with a blind eye and automatically assuming they are crap.

    Really the only reason I have certs is to get my foot in the door. Without them I would be struggling to find any employer to even look at my resume.
    I have nothing against either of those certs and I didn't mean to piss anyone off. Full disclosure, I have my A+, worked on my Network+ and decided after studying for it that it was a good primer to have for my CCNA and decided to spend my money on that instead. I get what certs try to do, I'm just sick of dealing with crummy techs with the alphabet behind their name, who get paid more than me and can't tell me the difference between a 24bit or 16bit subnet.

    That's a good goal to have. I don't think that certfications make someone retarded, I just think the weight that is placed in them is. If things worked out like they should, having certifications would mean that you are an expert on the subject matter you are certified on, and we'd also have unicorns to ride into work.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  8. #28
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by g3ksan View Post
    I have nothing against either of those certs and I didn't mean to piss anyone off. Full disclosure, I have my A+, worked on my Network+ and decided after studying for it that it was a good primer to have for my CCNA and decided to spend my money on that instead. I get what certs try to do, I'm just sick of dealing with crummy techs with the alphabet behind their name, who get paid more than me and can't tell me the difference between a 24bit or 16bit subnet.

    That's a good goal to have. I don't think that certfications make someone retarded, I just think the weight that is placed in them is. If things worked out like they should, having certifications would mean that you are an expert on the subject matter you are certified on, and we'd also have unicorns to ride into work.
    I agree with this and have had many similar experiences with people with alphabet soup titles. My friends have their certs, I do not, because I just really never needed them. My resume speaks for itself, but I worked long and hard to get my resume to where it is.

    Unless I know the person well, or have vetted them through my own methods, I view anyone with certs as suspect until they can properly prove themselves. Not saying that everyone with certs is a total boob, since there's a lot of guys here that I do respect in their knowledge, but I think many of the guys here with certs got them just to make the HR drones happy.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #29
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by lupin View Post
    There's a few reasons. A University Degree:
    • Is something quantifiable that you can demonstrate you have achieved in a resume. It helps narrow down a list of candidates
    • Shows you can commit to something for a period of years and follow through and complete it
    • Develops your reading and writing skills to a level that is needed in many higher level IT positions
    • Teaches you how to think critically (depending on the quality of the institution of course. Post grad courses are usually better for this)
    • Establishes a base of knowledge that is needed for many IT jobs. The tendency when you teach yourself is to learn only the stuff that you find interesting, and that is usually not the exact same set of skills you may need in a job. (So basically it forces you to learn stuff you may not want to learn but probably need to)
    I've got to say Lupin, it's pretty sad that under the current educational systems, that those skills have to be obtained at the university level. I'd say the first two are questionable; I've yet to see some with a university degree who still doesn't require a lot of on the job training, and as to sticking with school, it the reality for most students is it just means that Daddy kept writing the checks. A job history is a lot more telling in my mind. As to reading and writing, the basics should have been completed by the Eighth Grade (US). Personally, it's anathema to me that critical thinking should only be taught as a skill in postgrad courses. That is a life skill that has to be taught by parents starting with pre-school children.

    The last one is the only thing that I'd expect to that a university should actually be teaching.
    Thorn
    Stop the TSA now! Boycott the airlines.

  10. #30
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Quote Originally Posted by g3ksan View Post
    I have nothing against either of those certs and I didn't mean to piss anyone off. Full disclosure, I have my A+, worked on my Network+ and decided after studying for it that it was a good primer to have for my CCNA and decided to spend my money on that instead. I get what certs try to do, I'm just sick of dealing with crummy techs with the alphabet behind their name, who get paid more than me and can't tell me the difference between a 24bit or 16bit subnet.

    That's a good goal to have. I don't think that certfications make someone retarded, I just think the weight that is placed in them is. If things worked out like they should, having certifications would mean that you are an expert on the subject matter you are certified on, and we'd also have unicorns to ride into work.
    I'm not pissed off at you or anyone here for that matter. I completely understand and agree with what you're saying.

Page 3 of 6 FirstFirst 12345 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •