Re: TCP/IP skills

[Vlad <vladkors () gmail com>]

Here's a nice article Security Focus has published some time ago
dealing with this very subject.

TCP/IP Skills Required for Security Analysts
http://www.securityfocus.com/infocus/1779

As for my opinion, I can't agree more. Advance (IP) networking skills
should be a vital and an inseparable part of a security experts'
knowledge. Although there might be some exceptions, a "security
expert" that lacks the basics of TCP/IP, that has no idea what a
packet is constructed of, is nothing more then a script kiddie.

Regards,
   - Vlad.


On Tue, 6 Jul 2004 21:20:46 -0400 (EDT), Don Parker
<dparker () rigelksecurity com> wrote:
> Hello all, I just wanted to comment on what I see as a rather alarming trend in the
> security industry today. More and more many are becoming reliant upon tools to do their
> job whilst they ignore core components of their skillset. Specifically in this case an
> in-depth knowledge of TCP/IP.
>
> Knowing TCP/IP at a granular level in my opinion is very much a core skill that must be
> attained by anyone who wishes to have a successful career in the network security
> industry today. One cannot become adept by simply using tools, and never knowing how to
> interpret the output by verifying the packets themselves.
>
> It constantly amazes me when I teach a TCP/IP Analysis course that people who are
> presently in the industy do not know of such basic TCP/IP concepts as the 3 way
> handshake and how ICMP works. That or being able to wholly dissect a packet and explain
> the relationships between various metrics.
>
> I would be curious to hear of your opinions on this?
>
> Cheers,
>
> Don
>
> -------------------------------------------
> Don Parker, GCIA
> Intrusion Detection Specialist
> Rigel Kent Security & Advisory Services Inc
> www.rigelksecurity.com
> ph :613.233.HACK
> fax:613.233.1788
> toll: 1-877-777-H8CK
> --------------------------------------------