RE: Getting In

["Louie" <tech.louie () verizon net>]

Hey Joe McCray,

I was wondering what other sites would I
be able to learn about security? I check
out the url that you posted on here. I
myself have been in the tech world for
about 5 yrs. I would like to move on to
security and intrusion detection. So any
other sites that you could think of can
you post them for me or anyone else?

Plus I notice that your part of
root-wars. You must be very good in
linux also too?

Louie

-----Original Message-----
From: Joe McCray
[mailto:joe () rootwars org]
Sent: Wednesday, August 20, 2003 12:24
AM
To: chort
Cc: security-basics () securityfocus com
Subject: Re: Getting In

As far as getting the security
experience - your software development
background should be real plus. A lot of
people come into the security field
from the network administration side of
the house (myself included). There are
a lot of groups out there on the net
that are good for learning about
security.
Some places that you might want to check
out are honeypots.org, sans.org/rr,
infosecwriters.com, and then there are
the sites that are more geared toward
what I'd call "functional knowledge"
places like pulltheplug.com,
roothack.org,
and ngsec.com.

Joe McCray
joe () rootwars org
http://www.rootwars.org
Hacking Games   Hands-on Courses
HackLab Access



Quoting chort
<chort () amaunetsgothique com>:

> On Sat, 2003-08-09 at 04:28, Mike West
wrote:
> > Guys
> >
> > I know you have probably been asked
this question many times but here
> goes.
> > I am currently a security enthusiast
and employed as a software developer
> > for a large Telco company however I
would like to get into the security
> > field but I am finding it a very
tight market to get into.
> > How would be the best way to make a
start in the Security field. As I have
> > found that most company's will not
look at your CV unless you have had 2
> > years proffesional
experience/certification and you can't
get a
> > certification until you have the
experience etc.
> > Thanks in advance
> > Mike
>
> For me it was dumb luck.  I jumped out
of University half way through a
> CIS degree to get started in tech
during the boom.  Initially I was an
> advanced troubleshooting technician
for an ISP, then I moved to another
> ISP, then to an e-mail hosting
provider where I spent several years.
> After the hosting provider laid me off
for the second time I did the
> usual round of posting resumes on job
sites and re-motivating myself to
> self-educate.  I finally finished
reading Building Internet Firewalls
> from O'Reilly, which turned out to be
a very smart move.
> By dumb luck one of the leading e-mail
security companies contacted me
> (because of my e-mail background) and
thanks to the fact that I was
> aware of security best practices and
techniques, I got the job.
> Now I'm loving InfoSec.  It's
everything I always wanted to do, but
> never thought I had enough experience
for.
> My advices is to read some good books
(such as Building Internet
> Firewalls, and Hacking Exposed) and
take some time to play around with
> setting up different operating systems
at home, then locking them down
> and connecting them to your network
(it helps to buy cheap old boxes at
> a used computer shop or on eBay).
Obtain an entry level certificate if
> you have the time and money (maybe the
Security+ or SSCP).  Then just
> cross your fingers and hope for an
opportunity.
> --
> Brian Keefer
>
>
> --------------------------------------
-------------------------------------
> --------------------------------------
--------------------------------------
>


----------------------------------------
-----------------------------------
----------------------------------------
------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------