• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Security Newbie... Want to learn more on the subject.

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Beginners // Misc. Computer Questions

View previous topic :: View next topic  
Author Message
Geekboy
Just Arrived
Just Arrived


Joined: 18 Jan 2005
Posts: 0


Offline

PostPosted: Tue Jan 18, 2005 5:29 am    Post subject: Security Newbie... Want to learn more on the subject. Reply with quote

Hello I was wondering if anyone can share their thoughts on some good books to get my feet wet. I am looking to take the Security+ exam, but JUST DON'T want to read a book about the exam... rather I would like to read and learn more about hacking and IT security, not just exam objectives.

I am in the IT field and have my MCP, A+, Network+ certs, and would like to learn more about this subject and take some test in the future.

The end result would be to get certified. Weather it's Security+ or CISSP. <-- which by the Im not sure about. In a nutshell I want to start at the beginning. For me its something I have always been interested in, and think if I can just start reading up on it I can get my security skills up to par.

I see many books on hacking but dont want to spend my money on them without getting some recommendations I seen afew that look like good reads, but not sure if they are good for a n00b. Also it appears that the only books I see on security, are more geared toward certs. Any replies would be greatly appreciated.

BTW CISSP... Would this be an entry lvl cert or secondary one to obtain in the future?
Back to top
View user's profile Send private message Visit poster's website
Munck
Just Arrived
Just Arrived


Joined: 11 Feb 2004
Posts: 0


Offline

PostPosted: Tue Jan 18, 2005 10:52 am    Post subject: Reply with quote

The CISSP is not an entry level cert. - It requires 4 years of experience, and covers a lot of subjects.

The is a lot of free study material on www.cccure.org.

Besides that - I highly recommend this book:
"Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems"
by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey

http://www.amazon.com/exec/obidos/ASIN/0735712328

I wouldn't spend money/time on CompTIA certs., but that also depends on were you live. In Europe, + certs. are not worth it. You mention you have MCP N+ and A+ - why do more entry level certs.?
- The can only be used to get your foot in the door anyway. There are plenty of more advanced certs. than security+.
Back to top
View user's profile Send private message
Geekboy
Just Arrived
Just Arrived


Joined: 18 Jan 2005
Posts: 0


Offline

PostPosted: Tue Jan 18, 2005 5:31 pm    Post subject: Reply with quote

Munck wrote:
The CISSP is not an entry level cert. - It requires 4 years of experience, and covers a lot of subjects.

I wouldn't spend money/time on CompTIA certs., but that also depends on were you live. In Europe, + certs. are not worth it. You mention you have MCP N+ and A+ - why do more entry level certs.?
- The can only be used to get your foot in the door anyway. There are plenty of more advanced certs. than security+.


Thanks...

From what I seen on their website this morning, you are right about the 4 years. Not to mention the price for the exam is a little steep. Rolling Eyes Knowing this now I would venture to say this would be something I would look at only if my employer paid for it. Like I said I was not sure about it, but found about a little more this morning.

As far as Security+ I agree with the entry level cert comment. BUT I got into IT with no certs, and thought it would be beneficial to get some, this is why I obtained a few. Not to mention as "simple" as they may seem employers still add them as requirements from what I have seen.

From what I read this cert is a "requirement" for most jobs. I don’t know for sure if it helps. I’m in the Big Apple, and seen this cert as a requirement in some listings. For me it's just something I was thinking about along with learning more DB stuff.

I’m in the business, and basically doing nothing new. I want to move ahead and where I am right now there is nowhere to go. I want to do more, and thought learning/specializing in security would be a good thing.

I do a little of everything, but wanted to have a skill I know no one here has or something that would allow me to find another gig when I’m ready. This is why I basically wanted to start reading up on the subject, and see what certs in the future would benefit me in getting a gig in security.

I have about 8 years in IT doing various things, but I know this won’t help me get into the security arena alone. I need to get my foot in the door; I need to know the subject. Wink

I would love to hear some more recommendations on books about security and hacking for a n00b to start out with. I guess I’m looking for a starting point.
Back to top
View user's profile Send private message Visit poster's website
dadragon
Just Arrived
Just Arrived


Joined: 20 Oct 2004
Posts: 5


Offline

PostPosted: Tue Jan 18, 2005 8:25 pm    Post subject: Reply with quote

Since you already have some networking knowledge it will be a lot easier for you to get into IT Security. Both hands-on and theory will benefit you but to get started how about building a system with VMWare (trial version) running multiple OS were you can break the system and then put it back together? Also you can do with reading lots of whitepapers and userguides from various groups and vendors.

http://www.blackhat.com/html/bh-multimedia-archives-index.html

Wink
Back to top
View user's profile Send private message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed Jan 19, 2005 5:15 am    Post subject: Reply with quote

Check out the book reviews section for some good titles:

http://www.security-forums.com/forum/viewtopic.php?t=11632

Also read all the stickies in each section, start experimenting with some tools and techniques, get familiar with Windows and *nix on a low level, ask questions when you get stuck, you seem like a smart enough guy Smile

Am sure you'll be fine.
Back to top
View user's profile Send private message Visit poster's website
Munck
Just Arrived
Just Arrived


Joined: 11 Feb 2004
Posts: 0


Offline

PostPosted: Wed Jan 19, 2005 1:10 pm    Post subject: Reply with quote

For moving into security, I'll recommend going for the MCSA/MCSE 2003: Security. MS certs. are always good to have. As for networking, go for the CCNA. You already have a good foundation (N+), so it shouldn't be to hard. After the CCNA, there's only a couple of tests to the Cisco Firewall/IDS etc. Specialist titles.

Anyway, that's the route I'm going Wink
Back to top
View user's profile Send private message
gat0r
Just Arrived
Just Arrived


Joined: 02 Jan 2005
Posts: 0
Location: Belgium

Offline

PostPosted: Wed Jan 19, 2005 7:59 pm    Post subject: Reply with quote

if you have your security+ you can apply it to your MCSA/MCSE 2003 + security, one less exam to take (sort of, well one less MS exam). Security+ plus will focus on the basics for you, not so much hacking as it is Security basics, the importance of firewalls, antivirus, etc. Its a big field and you do need to start light (big picture) and work your way up.

If you want to learn security you should learn it by doing. one of the posters above had it right with getting Vmware, loading some OSes, specially *nix, the work on breaking into them. There are lots of free tutorials on the net and plenty of books to buy. The hacking exposed series is great, the anti-hacker toolkit is good as well and now there are all kinds of new hacking books. back to the security plus subject, i would go to the bookstore and thumb through the books on the cert and see if you know the material. if you feel like you do, you could consider moving on to CEH or SSCP.

There are several websites that cater to learning security. my favorite is www.learnsecurityonline.com , it used to be www.rootwars.org and they use simulators, labs, papers and other materials to help learn security and cater to many levels of knowledge. I am member and find it worth the money. But there are plenty others that are free like try2hack and hackthissite but usually find the help lacking or the people rude on the free sites. I personally hate/hated getting told to go read the old ass tutorials on the interent to learn how to do computer security or go learn to program first, not much fun in that.

gat0r
CEH, CompTIA A+, Network+, Security+, MCP 2003
Back to top
View user's profile Send private message Visit poster's website
Geekboy
Just Arrived
Just Arrived


Joined: 18 Jan 2005
Posts: 0


Offline

PostPosted: Fri Jan 21, 2005 10:42 pm    Post subject: Thank you Reply with quote

I appreciate the replies. As for VmWare I have it... I run Windows 2k server and SQL 2k server, and Mandrake in another. Smile I sue it on occasions to try out new things. Maybe it's time to use it a little more.

I will see what I can gather up and browse through online, and try my own thing at home through Vmware, and alike. IT is nice, but when you get to a point where your doing nothing and feel like you are losing your skills... you try to get back in the saddle again. Thats basically what I'm trying to do here. Broaden my skill-set, and look at different avenues within IT.

Thanks again. Wink
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Beginners // Misc. Computer Questions All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register