Dissecting The Hack

An Information Security Community

Job Advice

My name is Mark and I am new to the site. I will graduating with my Master's in Computer Science in June and I currently work for the Federal Government. I am very interested in transitioning my career in to Computer Security and have been interested in Ethical hacking, pen testing and what not. Since I am new and nt much of this is duscussed in grad school I am looking for some pointers on where to begin. Such as, good entry level books, software, best OS to use (I have Linux Mint at home now, noob at it). I am not sure what else to ask I am not really sure on what else I am missing. Look forward to hearing back from everyone.

▶ Reply to This

Replies to This Discussion

Permalink Reply by Jayson E. Street on February 8, 2011 at 10:22pm

Hiya Mark,

Thanks for posting glad you are here :-)

For books there are a lot of choices I would honestly start with places like the SANS reading room and other websites such as this that have security related post. Also being on twitter and looking at what INFOSEC people are tweeting about links to news and post regarding INFOSEC.

Also not a shameless plug but I was asked similar questions on this site http://www.ethicalhacker.net/content/view/336/1/ (which has A LOT more awesome content). Here is the excerpt dealing with this topic.

RichM: Advice for a person graduating high school that wants to go into information security...

JS: STUDY,STUDY,PLAY,STUDY and STUDY some more! Whether you are fortunate enough to learn in a formal class setting or like me who is still taking courses at GOOGLE U, never stop trying to learn something new. The other thing to keep in mind is that you must thoroughly enjoy this line of work. This field is too demanding to try and just collect a pay check. You have to have a passion and enjoyment of it. InfoSec WILL take up a lot of your free time.

RichM: What advice would you offer to people that are out of work, looking to re-invent themselves and want to get into InfoSec?

JS: Get involved! INFRAGARD, ISSA, DC Groups, CitySec or the 2600 is your friend. Most importantly join the InfoSec mentors program at http://site.infosecmentors.com/. You don't have to go to conferences to network, look for local INFOSEC/Hacking groups. It is there you will find support, new friends and probably most important information on who is hiring and help learning if Information Security is your true calling.

Thanks once again for your question and I look forward to any other feedback or content you would like to contribute to the site that is why we are here.

Thanks,

Jayson

▶ Reply

Permalink Reply by Mark A Nibert on February 9, 2011 at 6:11am

Thanks for the information. I am going to look in to all of that and see what I can dig up. Luckily I work for the DoD so I think I can take some classes here and hopefully transition it in to a job. I am working through Dissecting the Hack now and I am really enjoying it. I started off my career programming, I never really got good at it. I can read it for the most part but I just cant seem to enjoy it enough to turn it in to a job. I have always been interested in the network security, pen testing, hacking etc. so I think this is something I could easily study on my own. Do you think that the CEH certification is a good place to start as well? Where do you get the software tools to use legally?

Jayson E. Street said:

Hiya Mark,

Thanks for posting glad you are here :-)

For books there are a lot of choices I would honestly start with places like the SANS reading room and other websites such as this that have security related post. Also being on twitter and looking at what INFOSEC people are tweeting about links to news and post regarding INFOSEC.

Also not a shameless plug but I was asked similar questions on this site http://www.ethicalhacker.net/content/view/336/1/ (which has A LOT more awesome content). Here is the excerpt dealing with this topic.

RichM: Advice for a person graduating high school that wants to go into information security...

JS: STUDY,STUDY,PLAY,STUDY and STUDY some more! Whether you are fortunate enough to learn in a formal class setting or like me who is still taking courses at GOOGLE U, never stop trying to learn something new. The other thing to keep in mind is that you must thoroughly enjoy this line of work. This field is too demanding to try and just collect a pay check. You have to have a passion and enjoyment of it. InfoSec WILL take up a lot of your free time.

RichM: What advice would you offer to people that are out of work, looking to re-invent themselves and want to get into InfoSec?

JS: Get involved! INFRAGARD, ISSA, DC Groups, CitySec or the 2600 is your friend. Most importantly join the InfoSec mentors program at http://site.infosecmentors.com/. You don't have to go to conferences to network, look for local INFOSEC/Hacking groups. It is there you will find support, new friends and probably most important information on who is hiring and help learning if Information Security is your true calling.

Thanks once again for your question and I look forward to any other feedback or content you would like to contribute to the site that is why we are here.

Thanks,

Jayson

▶ Reply

Permalink Reply by Mark A Nibert on February 9, 2011 at 11:09am

I just finished part 1 of Dissecting the Hack. I have to say that I thoroughly enjoyed it and it is definitely something I can see myself getting in to. I would consider myself a pretty smart guy so I am hoping to get to studying. LinuxMint is running as a dual boot on my PC and I know that I need to learn it a bit more. The DOD is sending me for some Unix classes this year so I am hoping that I can do that pretty soon.

▶ Reply

Permalink Reply by Jayson E. Street on February 9, 2011 at 10:30pm

I think the C|EH and SANS GSEC are both really good places to start. Full disclosure I work with both of them not referring them because it is businuess I do business with them because I think they're good. ;-)

I am still a noob when it comes to trying to get really technical with the tools. One of the best OS for a hacker is of course Back Track 4 it has great tools and you can configure it as well.

If you need anything else just let me know also I'm on twitter as @jaysonstreet take a look at my list there are a lot of people I follow on there way smarter than me and would be a great help to you to learn more.

▶ Reply

Permalink Reply by Jayson E. Street on February 9, 2011 at 10:32pm

AWESOME I am glad you liked it that made my day :-) thanks again for joining this community.

Mark A Nibert said:

I just finished part 1 of Dissecting the Hack. I have to say that I thoroughly enjoyed it and it is definitely something I can see myself getting in to. I would consider myself a pretty smart guy so I am hoping to get to studying. LinuxMint is running as a dual boot on my PC and I know that I need to learn it a bit more. The DOD is sending me for some Unix classes this year so I am hoping that I can do that pretty soon.

▶ Reply

Permalink Reply by Mark A Nibert on February 10, 2011 at 6:26am

Sounds good, thank you for the quick replies. I will see what I can learn for BackTrack 4. I am in a ridiculously hard course for algorithms while I finish up my Master's so I have to keep what I learn simple or my brain may explode.

Jayson E. Street said:

I think the C|EH and SANS GSEC are both really good places to start. Full disclosure I work with both of them not referring them because it is businuess I do business with them because I think they're good. ;-)

I am still a noob when it comes to trying to get really technical with the tools. One of the best OS for a hacker is of course Back Track 4 it has great tools and you can configure it as well.

If you need anything else just let me know also I'm on twitter as @jaysonstreet take a look at my list there are a lot of people I follow on there way smarter than me and would be a great help to you to learn more.