Trying to "crack" into IT Security

[aliasneo]

Hi All,

I have been a Server Administrator for about 4 years, mostly VMware and Windows server administration. I also do some network management switching and routing. Recently, I have been very interested in getting involved in the IT Security field, and knowing my Microsoft and VMware certifications will not help me in this field. I want to know what skills are essential for someone in IT security, and I figured this was the best place to start. I would assume a programming background would be essential, which is something I do not have, but will learn if needed. I did a little programming in College and really understand the logic, just more need to learn the languages. In your professional opinions could you tell me a little about what skills are needed and what stills useful? Also if you are in the field currently.

Thanks for your time.

[scottm99]

Well...I'm not in the field full-time (I wear the security hat at work on a regular basis) so bear that in mind My responses will likely differ from the security pros, but here's my take. I come from a programming background, so having that has been really helpful. In terms of languages, I'd say python & perl (since a lot of tools in BT are one or the other). Having a working knowledge of bash scripting is very useful. More important than coding, though, is a strong knowledge of networking & TCP/IP. How are your *nix skills? Getting comfortable with nmap & metasploit has worked well for me. Of course, there's the Offensive Security training That's on my to-do list, once I feel ready. You might also find this link useful

[Kikks]

Well...I'm not in the field full-time (I wear the security hat at work on a regular basis) so bear that in mind My responses will likely differ from the security pros, but here's my take. I come from a programming background, so having that has been really helpful. In terms of languages, I'd say python & perl (since a lot of tools in BT are one or the other). Having a working knowledge of bash scripting is very useful. More important than coding, though, is a strong knowledge of networking & TCP/IP. How are your *nix skills? Getting comfortable with nmap & metasploit has worked well for me. Of course, there's the Offensive Security training That's on my to-do list, once I feel ready. You might also find this link useful

Thanks! that link was very useful! I'm into networking more than security myself right now.. I have been taking A+ classes, Networking+ classes and, I'm currently studying to get my CCNA. but this is definitely something I will look more into!! Thanks again. I really appreciate it. Sorry for my English.. :S:S:S I'm also learning English hopefully it will continue to get better.

P.L.U.R.R.

[inu11byte]

Knowledge of TCP/IP is essential, along with understanding networking. I actually have some Ebooks on networking which one of my work mates uploaded to our work server. Here is the DL http://multiupload.com/ALN21LS11U
Knowledge in the area of Programming isn't essential (as long as you can phrase and Google questions correctly) but it does help. I know having a knowledge in the area of C has helped me quite a bit. Learn a programming language for the right reasons though... And not one of those .NET languages that simplify everything.

[Reamer]

I'm not trying to hijack the OP's thread, for this is a question he might have as well.

Where are good resources for learning Python or Perl languages? I do not have a programming background either but I would love to get started with either of these. I have a "ByteofPython" PDF but I haven't been able to spend much time with it as I am in college right now for a networking degree to learn the TCP/IP side of things (get my CCNA within 2 months, woohoo!).

Have any suggestions on learning BASH scripting as well?

Thank you, and again, just trying to ask questions that both the OP (might) and I have.

[seraph]

Officially my title at work is 'Network and Security Architect', however working for a hosting company I tend to wear quite a lot of different hats and still do a lot of Server/network admin.

I wouldn't say programming skills are essential, however they will certainly help you a lot. As scottm pointed out Python and Perl would be on the list of languages to get a working knowledge of, however personally I have taken most to Ruby which helps when delving a little deeper within Metasploit.

Again as scottm pointed out, good networking knowledge is a must. I went down the Cisco route many years ago starting with CCNA and finished up doing the CCSP. This was a good primer, but essentially you are taught 'defensive security'. It wasn't until I did the Offensive Security course (OSCP) that I really started to see the bigger picture. I've done many courses and exams in my time and the OSCP is still by far the most challenging and most enjoyable. The CISSP course will look good on your CV and help getting interviews. It's a good overview covering many aspects of security but in my opinion it lacks depth. I'd say *nix skills are a must too.
Officially my title at work is 'Network and Security Architect', however working for a hosting company I tend to wear quite a lot of different hats and still do a lot of Server/network admin.

I wouldn't say programming skills are essential, however they will certainly help you a lot. As scottm pointed out Python and Perl would be on the list of languages to get a working knowledge of, however personally I have taken most to Ruby which helps when delving a little deeper within Metasploit.

Again as scottm pointed out, good networking knowledge is a must. I went down the Cisco route many years ago starting with CCNA and finished up doing the CCSP. This was a good primer, but essentially you are taught 'defensive security'. It wasn't until I did the Offensive Security course (OSCP) that I really started to see the bigger picture. I've done many courses and exams in my time and the OSCP is still by far the most challenging and most enjoyable. The CISSP course will look good on your CV and help getting interviews. It's a good overview covering many aspects of security but in my opinion it lacks depth. I'd say *nix skills are a must too.

Good luck.

Reamer - I'd recommend the O'Reilly books or the 'Beginning' series of books.

Good luck.

[thorin]

First checkout the following thread (because you can never read or learn too much....no such thing):
http://www.backtrack-linux.org/forum...ad.php?t=33114 < Thread to share Pentest related links in.

Two, look for local OWASP, HTCIA, ISACCA, ISSA, etc meetings that you can attend/join.

Three, don't sell yourself short. If you're a SysAdmin there are security things you deal with daily that you don't even attribute to the field (incl. but not limited to: patching, change management, backups, AV/FWs/IDS/IPS, user management, role management, permissions management, etc). Keep this in mind for things like your CISSP.

Four, while programming is a great place to start it isn't a 100% MUST HAVE. For the majority of Vulnerability Assessment work as long as you can script and understand the basics of a few languages you'll be fine (a loop is a loop is a loop, not matter what the specific syntax of a language). Logic, along with strong OS and Networking understanding is more important.

Five, obviously if you want to develop or research new exploits and overflows then yes you'll need a strong programming understanding and even deeper understanding of operating systems, applications, and may even need some competence in assembly.

PS > 20111103 - The forum is doing weird things parsing that "Thread to share Pentest related links in." URL, if it doesn't work for you just hit the Experts forum and check the stickies.

[scottm99]

Check the experts section forum. One of the mods sticky-ed a thread on pen-test related links.

[legitnick]

Once I finish my SWSE course I'm gonna go for my OSCP the only thing I don't have is the work experience. I'm just hoping that when I do start looking for a job that my certs, *nix experience, and Java/Python experience will be enough.

[sarcanalyst]

It really depends on the job you want. For example I work for Symantec (SARC team), and knowledge of disassembly is very important as you said programming helps. Another way to help get into IT security is learning how drivers for windows are created as well as how they work on the assembly level. Of course this is just one possibility in IT security, if you want to go the malware/virus security.


John