Home page logo

pauldotcom logo PaulDotCom mailing list archives

NIT (Ninja in Training) looking for guidance.
From: dninja at gmail.com (Robin Wood)
Date: Wed, 13 May 2009 18:25:50 +0100

Another one for you, go to cons. Which ever you can get to, I've
learnt so much and met so many people from going to various cons.
Stuff that you'd never learn on your own.

Also the network you build up is amazing, being able to mail the
authors of tools directly  because you got drunk with them so they
know you is much better than having to cold mail them or to ask on a
list and hope they will reply.


2009/5/13 Jack Daniel <jackadaniel at gmail.com>:
Let me add a couple of things to the very good suggestions already posted-

When you do land that first "real security" job, do not be surprised
or disheartened if it is not what you expect. ?Be aware that even in
the best "security companies" there are plenty of security-clueless
folks (someone has to be in sales, right?). ?Learn from the

As others have suggested, play with stuff, build a lab, even just a
few VMs if the budget is really tight. Break things, then fix things.

Also as suggested, network- not only with security groups, but any
relevant technology group. ?You said you were going to UMass, we have
a multitude of user and developer groups in Mass. ?Check out
bostonusergroups.com for a big honking list and calendar. ?And insert
obligatory NAISG plug here- we have chapters that meet in Waltham and
the Conn. River Valley. ?Can't afford conferences? ?Try the best kind
of social engineering: volunteer to help, for example several people
went to SOURCE Boston for free (in exchange for time, which I know
isn't really free with a young family).

And, blog. Yes, blog. Don't worry if anyone reads your blog, do it to
force yourself to compose coherent ideas and put them in a public
space. ?Write about security, your experiences, opinions, whatever.
Effective communication skills will occasionally be more valuable to
you than any technical skill you may have. ?Note- Someday, someone may
follow a link to your blog from your digital resume and ask about
something you wrote during an interview- so keep that in mind as you
write. ?(I, er Bob, has been put in awkward interview positions by

Good luck,

Jack Daniel, Reluctant CISSP
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]