
Security Forums


Where to start?

Firewall84
Just Arrived
Joined: 13 Jul 2010
Posts: 0

Posted: Tue Jul 13, 2010 3:27 pm    Post subject: Where to start?

I'm a security admin at a small college, and have been so for about a year and a half. While we have several system administrators, I'm the "security guy". To my knowledge, until I was hired the college didn't have a "security guy" despite being open several years. My boss is more of a networking person, and while he tries to help when requested he doesn't seem to have much guidance to give me about what to do. He seems to put a lot of trust in me to manage myself and take care of things.

My problem is that I was hired 6 months out of college. My degree was focused in information security but this basically consisted of an intro to information security course and a digital forensics course. My only previous "experience" was an internship that I didn't get a whole lot out of, as it was only 8 hours a week and they seemed surprised I showed up every time and didn't know where to put me.

So while I have accomplished a few things since I started here, it has been pretty random and unorganized as I don't really have any experience to use to go about this. So I guess what I'm hoping to get is some guidance on where to start coming into an established organization and making them more secure.

Thanks,
Firewall84
Weaver
Trusted SF Member
Joined: 04 Jan 2003
Posts: 0
Location: WI, USA

Posted: Fri Jul 23, 2010 8:50 am    Post subject:

"Security" in the realm of information technology casts a rather long shadow.

First and foremost the most important aspect to understand is what is expected of your position. What is the expectation of your management? Does that match your job description? Setting the correct expectation is half the battle when it comes to dealing with business decision maker types and maybe a quarter of the battle when dealing with technical decision maker types.

Once you have an idea of what is expected and required of your position--a finer tuned description of what "security" means in the context of your position and responsibilities, then you can begin to assess your skills, abilities, and resources to determine whether or not they can meet the expectations and objectives set.

What I can tell you, regardless of expectation, objective, or role, is that the best "security" guys, regardless of discipline, are bottom up, not top down. They understand systems from the basic building blocks and lowest layers on up through all the layers of abstraction to the street/user level. Additionally, they don't gain the knowledge and understanding by just doing or reading alone. They must read *and* do.

"Booksmarts" lack "on the metal" confidence and the field tactics to work through idiosyncrasies of a system. "Street smarts" lack the ability to see bigger pictures and connect seemingly disparate dots with lines.

Some specifics are probably in order here:

Take "desktop security" for example:

  • Get yourself a throwaway machine/image/VM isolated from your production/primary network. Infect it purposely by visiting porn sites, clicking "yes" to everything. Clean it up using tools and paradigms of the moment like MBAM. Really clean that sucker.
  • Learn how to prevent what you just did with solid anti-malware software. Learn how to lock down users with Group Policy (if using AD) and/or whatever policy management you have in place.
  • Read up on digital forensics. Understand digital crime scene investigation and system preservation. In our infection example above, tools like The Sleuth Kit (TSK, Autopsy, OSS and free) and Forensic Toolkit (FTK, $) are heavy hitters if a crime or investigation is involved.


Take "network security" for example:

  • Set up a wireless network and "asdf" an 802.11i Pre-Shared Key. You'll have even better luck with WEP.
  • ARP Poison Route, MITM, and grab your wife's Facebook password using sslstrip.
  • Yersinia is very fun.
  • Learn how to prevent the attacks using functionality built in to appropriate-grade routers, switches, and operating systems.


Note that these sorts of things are easier to accomplish than they are to understand what is going on at every layer.

As mentioned earlier, the best security guys are bottom up. To gain that sort of knowledge you will spend your time reading a lot of RFCs, O'Reilly books, textbooks, and blogs by people smarter than yourself. While you are doing the reading, you are playing.

The first step to "bottom up" is to start at the bottom. Learn how a computer works. Not the explanation you give to your mother either, unless of course your mother is Radia Perlman or Marissa Mayer. Learn a programming language that is close enough to the bare metal like C. Learn assembly to understand more about a CPU, memory, and "the stack." You don't have to like it, or even consider yourself a programmer, but you do have to know it.

After you have a basic understanding of computer organization, read a good book on operating system design. Good books will have words like "ring level", "interrupt descriptor table", and "deadlock".

Somewhere along the journey you need to start network fundamentals. Good books will have phrases like "CSMA/CD", "Vint Cerf", and "PDU" sprinkled throughout the text.

I prefer books by Andy Tanenbaum and William Stallings (both have written many texts used in many colleges). Andy Hunt has a great book titled Pragmatic Thinking and Learning that isn't technical but will better teach you how to learn. Highly recommended.

If you get this far you will be wired enough to know where to go from there.

As your brain becomes filled with minute details interconnected with other minute details, be sure to keep yourself sane with other hobbies and activities. Smart people burn out, smarter people finish the year without remaining vacation, and the smartest of people think they can optimize and outsmart everyone and everything, which leads to OCD tendencies and bipolar swings. :) Stick to the middle group--I hear Alaska is beautiful.

-Weaver
Firewall84
Just Arrived
Joined: 13 Jul 2010
Posts: 0

Posted: Sun Jul 25, 2010 9:14 pm    Post subject:

Wow Weaver, thanks for the help!

I forgot to mention, my job is specifically oriented to the big picture side of the house. Another person was hired for the day to day stuff.
xandersolis
Just Arrived
Joined: 27 Jul 2010
Posts: 0

Posted: Thu Jul 29, 2010 2:46 pm    Post subject:

If it's policy, standards and procedures you're working on, ISC2's CISSP CBK and the ISACA CISM are good reference materials.

Hope this helps,

Xander

All times are GMT + 2 Hours