Home page logo

pauldotcom logo PaulDotCom mailing list archives

NIT (Ninja in Training) looking for guidance.
From: paul at pauldotcom.com (Paul Asadoorian)
Date: Wed, 13 May 2009 07:53:55 -0400

Hi Nick!

Thanks for writing in, and thanks to everyone who has responded so far.
 I thought I would chime in with some of the things we tell people who
come to us with this very question.

First, setup a home lab.  VMware makes free versions of their software,
and there are thousands of pre-configured virtual hosts available on
their web site.  Don't just focus on setting up security tools either,
try to setup a file server using Samba and lock it down (for example).
I was on an interview once for one of my first UNIX systems
administrator jobs and they asked me if I had experience with NFS.  I
said I sure did, I run it at home.  They looked puzzled at first, but
when I could answer all their technical questions about NFS, they, well,
they hired me :) (I also brought pictures of my computers at home, not
that I recommend that, but its one of those funny interview stories).

Second, don't underestimate training and certification (including a
degree).  When you are first getting into the field a certification can
go a long way to getting your foot in the door.  SANS runs specials all
the time, so look for deals.  In fact, sometimes they run free classes!
(They ran an IPv6 course for free).

Third, webcasts and podcasts are free, listen to them :)  Also, books
can be free too

Good luck and thanks for listening!


I am young (at heart, not in body) aspiring Security Professional.  I
am currently in a blue collar job (good job just not my passion) and I
am wanting to work my way into the Information Security career space.
I am looking for a little advice and guidance in my first steps.  I
was a silly youth and didn't make my way through college (I have a
handful of credits).  Since dropping out I have grown a little family,
wife and 16 month old daughter, so my choices are guided by that a lot
(both money and time commitment wise).  Currently I am enrolled in an
online B.S. in Information Technology degree from University of
Massachusetts though I am finding the $300 plus a credit hour (about
6k a year on my current plan), the time in which it will take to
complete (about 5 years at 2 classes every semester), and the lack of
focus to the information security field disheartening and making me
re-evaluating my choice.  While I don't mind devoting time and money I
would prefer to do it toward something more relevant and focused to
where I want to be.
I know that I will want take classes from SANS in time but I do not
feel that I have the fundamentals yet.  I also almost religiously
listen to PaulDotCom Security Weekly.

So I am hoping that you all will grace me with your earned wisdom and
give me a few nudges in the right direction so I don't waist too much
time and money.
I'm looking for advice on mainly on what are the best building blocks
to develop a solid foundation for my Ninja skills.  Any programs,
certs, classes, books, websites, podcasts, video tutorials that you
can think of would be appreciated.

In advance, thank you for your time, energies and knowledge.

Nick G
Your friendly UPS man (though hopefully not for long)

~All healing is self healing.~

P.S.- I feel so newbie and I know doubt will receive some RTFB / RTFM
and GIF (Google it Fool) but I'll live through the embarrassment.
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
Main Web Site: http://pauldotcom.com

Paul Asadoorian
PaulDotCom Enterprises
Web: http://pauldotcom.com
Phone: 401.829.9552

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]