I am a longtime lurker in these forums - I work with Ubuntu servers every day at my work and I frequently find answers to my problems up here. So bravo, Ubuntu community!

A little background:
I am a fairly recent computer engineering grad, I have been in the workforce for a little over a year now. I did great in school, graduated with honors, cum laud, all that good stuff and I really enjoy the field.

So, on to my conundrum:
I have always wanted to do IT security - specifically network security. Unfortunately, I did not have time to pursue this interest in college beyond taking the required courses for my major. I always assumed that this would be something I could get into if I could find a job willing to train me up.

When I graduated, I searched for jobs in this field but it seemed like nearly all of them required some level of previous experience and no one was interested in providing the training that would be required to get me up to speed. So I ended up taking the next most interesting position I could find: a sort of software design, hardware integration, server administrator hybrid.

I have been fairly happy at my position, but I still wish I could find a way to break into the IT security field. I understand that there's tons of "teach yourself" content on the web and I've read through some of it, but I have always been a better learner in a classroom environment - specifically when I have a mentor who's brain I can pick and interesting assignments that I will get good feedback on.

I have checked around online and it seems like there is plenty of online training for various certifications and even a few online degree programs. I am more than a little wary of the degree programs and while I'm certain that I could study and obtain these certifications, it would not be the same thing as receiving a broader eduction in the field. (Although, I fully intend to pick up some of them once I am educated)

What I'm really looking for is some sort of trade school for college grads, preferably with a campus. I want to avoid schools like ITT Tech, which are more suited for inexperienced applicants.

Another option would be to go back to college (I have found some colleges that offer undergrad degrees in security) or perhaps grad school. However, I suspect that I will be in the same Catch-22 boat with grad school applications as I was in for job seeking, where I would not have the experience required. I'd also rather avoid getting another undergrad degree.

My question:
Has anyone else been in a similar situation? Any professionals out there that would like to share their experience? I would welcome any advice or insight.

Thank you! :D

Honestly you really need to tough it out and learn what you can. You won't get an interview without at least 5 solid years of related experience for most sec jobs.

Network, get in touch with individuals in the sec community and start learning. There are certs and degrees which you have no doubt already researched but the truth of the matter is it's alot more prove it mentality. It also relies on a different mind set that can't necessarily be tought. If it's really the path you want you're going to have to work very hard to get it

be prepared to sit and view logs all day, surrounded by arrogant elitists and have to make their tea all day long whilst getting paid next to nothing for the privelege until about as said above me 5 years down the line you have plenty of experience and demonstratable skills to show along with some industry recognised certs in the arena, and regardless of what some will tell you....CompTIA Security + and various other entry level quals are just that, entry level....so dont expect too much too soon.

Learn all you can when you can, rack up plenty of experience and be prepared to be bored out of your skull, IT Sec is not as glamorous as people think.

Pen testing is often bound by very specifc rules and red tape, Sec management is all regulatory compliance and paperwork.

Best of luck ;-)

and by the way both myself and dangertux above me are in the field so we are not trying to put you off but more make sure you realise the realities.

peace

Get one of the PenTest distro's, create a small test lab at home, there are lots of books and articles, get on some of the IRC channels, the practice, practice, practice. That will get you real experience not theory, experience you can talk about in a job interview.

Start showing your expertise at work get some resume fodder. Then start looking for a security job if that's what you want.

Get one of the PenTest distro's, create a small test lab at home, there are lots of books and articles, get on some of the IRC channels, the practice, practice, practice. That will get you real experience not theory, experience you can talk about in a job interview.

Start showing your expertise at work get some resume fodder. Then start looking for a security job if that's what you want.


This is pretty good stuff, you should incorporate it in with the networking that I talked about earlier. Don't let the first time you're telling someone about what you've done or what you would like to learn to do while you're asking them for a job interview.

It's much easier to discuss something with a like minded individual you are friends with than it is to discuss it with someone who is going to give you about 45 seconds to prove you're what they want before they have a "more important call on the other line".

Keep that in mind, go to things like Sec Bsides , you will meet a lot of people in the field, and most of them like nothing more than to hear themselves talk. Listen to them, learn from them, comment constructively on what they are saying. I say sec bsides because usually all you will end up paying for is parking and food. If you go to the initial reception they are usually about 200 bucks. As opposed to things like Black Hat which are yearly and can cost thousands, also unless you are a presenter people will be too drunk to remember your face the next day :-P

Thank you guys for all the great replies.

This is more or less what I was expecting to hear, I just wanted to be sure of my options.

I have a solid foundation for security just from having worked with lots of servers, networks, etc. So I will be building on that going forward.

@docbop
Thanks for the tip on setting up a test lab. I've had a distro of BackTrack set up in a VM somewhere that I've been meaning to play around with. What principles or techniques would you say are a good jumping-off point to start tinkering with?

@haqking
I sit around and look at logs for significant amount of what I'm doing now, so that would be nothing new ;)

@dangertux
Spent a chunk of yesterday reading through your blog - very well written and interesting! I definitely have the technical know-how to understand everything that you were tackling in your tutorials, if that's any indication of my skill level.

It pains me to ask this, since I know it gets asked all over the place, but the answers are so varied that I figured maybe you guys could give me a more focused response:
Given where I'm at, where should I begin? What would you consider "required reading"? What about "required skills"? Good exercises to perform? Good communities to dive into?

Thanks again for all your help, I really appreciate it.

Thank you guys for all the great replies.

This is more or less what I was expecting to hear, I just wanted to be sure of my options.

I have a solid foundation for security just from having worked with lots of servers, networks, etc. So I will be building on that going forward.

@docbop
Thanks for the tip on setting up a test lab. I've had a distro of BackTrack set up in a VM somewhere that I've been meaning to play around with. What principles or techniques would you say are a good jumping-off point to start tinkering with?

@haqking
I sit around and look at logs for significant amount of what I'm doing now, so that would be nothing new ;)

@dangertux
Spent a chunk of yesterday reading through your blog - very well written and interesting! I definitely have the technical know-how to understand everything that you were tackling in your tutorials, if that's any indication of my skill level.

It pains me to ask this, since I know it gets asked all over the place, but the answers are so varied that I figured maybe you guys could give me a more focused response:
Given where I'm at, where should I begin? What would you consider "required reading"? What about "required skills"? Good exercises to perform? Good communities to dive into?

Thanks again for all your help, I really appreciate it.


I'm glad it was interesting for you and thank you for the compliment. Although personally I feel I need to work on my writing style (personal goal). However, in terms of security alot of that is very basic stuff : designed either to prove a simple point or to give an explanation of a task to help people, it gets a lot more complicated than that.

Also even though the question wasn't directed at me but I do have experience with penetration testing. If you are wanting to get specifically into that it is a VERY broad area, and requires members of a team to have experience with all sorts of different technology , as well as creative thinking and problem solving skills. It's also important to understand that pen tests are not a giant hackfest free for all, in fact I don't like the term hacking at all in relation to a pen test. In my opinion a hack is something that works, but you may or may not fully understand why or how, or the implications of it. A penetration test needs to have documentable, reproducable and actionable results. Keep in mind a penetration test report is designed to aid security personel in a company with improving their systems. So you need to have a valid recommendation.

Example 1 : "DB2 database uses default passwords you got owned!"

This is horrible and not useful

Example 2 :
DB2 is publicly exposed and is running as root, user dba has a blank password, exec is in dba's permission set.

Threat Level : High, this vulnerability has a high potential for causing catastrophic damage to XYZ company's infrastructure.

Yield : This yielded access to credentials for multiple accounts including ssh keys to the internal domain controller, this allowed us to gain entrance to the internal network and gain ownership of the domain.

Recommended steps for remediation : use strong credentials for the dba user account, remove exec from permissions of all users unless absolutely needed. Do not run the DB2 service as root. Consider implementing application level firewall for DB2, isolate the database in a data management zone if possible.

This is the same thing essentially but repeatable, informative and gives a plan of action for the sysadmins in charge of these systems. This of course is just an example. This is also why pen testers often have a considerable amount of experience not just "hacking" but in the system administration field as well.

So honestly, learn what you can by auditing your own systems using Back Track and any other tools you may have at your disposal. However, as far as starting out in IT you're on the right track in my opinion.

Nice write up Dangertux.

Thanks :-)

yep, totally agree with dangertux.

Setup your own network, easily done with a few virtual machines and buy yourself a few books, there are some heavy but good ones out there like the following:

Network Intrusion Detection by Stephen Northcutt
Hacking the art of exploitation by Jon Erickson

Both valuable books IMO

there are the Hacking Exposed series

and things like the CEH books for the CEH curriculum.

NMAP and its book by Fyodor (a network bible in my opinion)

Lots of available sources online too, Offensive security have some good online videos for using Backtrack and its toolset.

Something i always tend to stress but others tend to de-value sometimes depending on the individual which i find strange, is understanding protocols (learn to read a packet like you read a book) a great tool i find for both learning and working is Wireshark and its associated book which is a great read.

DNS and BIND by Cricket liu
Internet core protocols by Eric Hall

My opinion of course but you wont get very far with any BT distro or any pen test tool unless you understand the packets and there varying structures and different protocols.

I am always amazed on here at individuals who are asking for advice on say relatively simple things like setting up a server to say how to get a wifi driver working for aircrack yet dont know the basics even of TCP/IP and wouldnt know the difference between a MTU, MTA or MOTD.

Start at the bottom and work up, if you start at the top basic fundamentals will be the stumbling block and i have seen it all the time.

I am no sec guru, i work in the field but it is ever so steep learning curve everyday and is on going, and without some fundamentals that could never happen.

But you are on your way for sure.

Have fun

yep, totally agree with dangertux.

Setup your own network, easily done with a few virtual machines and buy yourself a few books, there are some heavy but good ones out there like the following:

Network Intrusion Detection by Stephen Northcutt
Hacking the art of exploitation by Jon Erickson

Both valuable books IMO

there are the Hacking Exposed series

and things like the CEH books for the CEH curriculum.

NMAP and its book by Fyodor (a network bible in my opinion)

Lots of available sources online too, Offensive security have some good online videos for using Backtrack and its toolset.

Something i always tend to stress but others tend to de-value sometimes depending on the individual which i find strange, is understanding protocols (learn to read a packet like you read a book) a great tool i find for both learning and working is Wireshark and its associated book which is a great read.

DNS and BIND by Cricket liu
Internet core protocols by Eric Hall

My opinion of course but you wont get very far with any BT distro or any pen test tool unless you understand the packets and there varying structures and different protocols.

I am always amazed on here at individuals who are asking for advice on say relatively simple things like setting up a server to say how to get a wifi driver working for aircrack yet dont know the basics even of TCP/IP and wouldnt know the difference between a MTU, MTA or MOTD.

Start at the bottom and work up, if you start at the top basic fundamentals will be the stumbling block and i have seen it all the time.

I am no sec guru, i work in the field but it is ever so steep learning curve everyday and is on going, and without some fundamentals that could never happen.

But you are on your way for sure.

Have fun

I agree with everything said here. I'm not in the sec field, but trying to get into it. I've read the first 3 books mentioned and loved them. I learned a lot from them, which is great, but I also found them somewhat fun to read. I also browse through the videos on Security Tube (http://www.securitytube.net/) a lot, as well as the Offensive-Security site.