Required Knowledge for a Career in Network Security
mtgarden asks: "I am trying to decide if I want to make a career shift into network security. I enjoy learning about cutting edge technologies and find security interesting. I am not especially good at programming but would potentially enjoy the analysis side of security. Where would I start studying to learn whether this field is a good fit for me?"
SANS has a wealth of in-depth courses, taught by experts in the field. They aren't inexpensive, but these aren't courses you will find at your local community college either. Some are taught on-line, in their "SANS@home" programs, where you have books, a CD of test data (in my case), and the Java client gives you an interactive environment with slides and audio.
I enjoy learning about cutting edge technologies and find security interesting.
You can forget dealing with the cutting edge. Security work is all about currently deployed applications. For example, doing an audit at the moment is much more likely to require a good knowledge of Windows 2000 than XP or Vista.
http://twitter.com/onion2k
Those are a few things I can think of. HTH.
ConsultingFair.com
...and an extremely good way of getting your head around the latest threats, particularly in terms of the latest spy/mal/adware out there. The info is reliable and free, and you might learn something too. A lot of these sites are used by industry professionals, and you can gain a great network of contacts with a little hard work. A list of around 50+ forums to get you started, on everything from Malware analysis to building testboxes: http://asap.maddoktor2.com/
As a system and network admin, security is something I think about quite a bit. As far as I can determine, truly good security people are the best of the best in the computer world. There is _nothing_ in computers as difficult.
As an admin/architect, you need a prodigious memory; you have to know all the software you're deploying, with all its various warts. You have to know your operating systems, and their interactions with your chosen hardware, both system and network. And you have to understand your network layout and be able to troubleshoot.
As a programmer, you need less knowledge and more raw brainpower. You still need to know how other people do things, but a great deal of the job is raw invention on the spot. Knowledge in the programming field tends to be narrow, specialized, and very deep.
As a security person, at least to be a GOOD one, you need all the skills of both fields, plus more besides. You have to be able to audit source code and find weaknesses; you have to be able to probe a network remotely and understand its layout and where its holes are likely to be. Defensively, you have to understand all the possible ramifications and interactions with combinations of software. Offensively, you have to be able to find the holes that nobody else has seen before.
Both programming and sysadminning can lead into security, but if you want to be GOOD, I'd strongly suggest trying to be both. You might want to program first; that's usually harder to break into, and it can be easier to get a job out of college. Admins tend to like experience as much as or more than education, so once you have a good degree of programming skill, you can probably branch out and pick up what you need in terms of system administration. You don't necessarily need the day-to-day details, but you do need a very, very deep understanding of _exactly_ what the operating system and programs are _actually_ doing... not just the cruder models most of us tend to use.
It is a very interesting field, but it'll take everything you have and then some just to keep up.
Obviously you're not a real security guy... You forgot Sneakers.
Network Intrusion Detection by Northcutt and Novak
Counter Hack (Reloaded) by Skoudis
The Hacking Exposed series by Joel Scambray and other authors is fairly informative as to techniques and defenses, but not necessarily at explaining the topic at a packet level.
Hacker's Challenge 2 by Mike Schiffman is a decent introduction to applying analysis skills.
There's a ton of useful mailing lists and websites that have similar information, but the above books (particularly the first two) provide a lot of it in well-written form in a central location.