dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
5661

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

How did you become a security experts?

This is mainly for those who are at the top of the food chain with regards to security.

As the subject suggests, the question here is how did you become a security expert? For example, was it testing every piece of malware you could get your hands on? Was it reading every bit of information you could on every piece of malware that came into the world of computers? Was it schooling?

I'd like as many opinions as possible, as security is a thing that interests me the most about computers. I always love browsing/lurking around in this forum to see the latest news on security matters. I know enough to protect my PC and my families PC's, but I'd like to expand that and become more of an expert myself. I look up to most of the top security experts here in hopes of one day becoming at least half of what you guys are.

Steve
I know your IP address

join:2001-03-10
Tustin, CA

5 recommendations

Steve

Help others.

Nothing substitutes for a curious mind or an interest in the technology, but helping others is what pushes you to learn in areas you would not necessarily choose on your own.
  • look at a firewall log and see if you can characterize what's going on.

  • Help somebody free a machine of spyware (i.e., hone your Hijack This! skills)

  • Post a review of a security program you've discovered.
and so on.

All of these things add to both your knowledge and your good karma.

Steve

Daniel
MVM
join:2000-06-26
San Francisco, CA

3 edits

7 recommendations

Daniel to alamarco

MVM

to alamarco
A few of my thoughts on the matter:

  • Be Passionate About It
    You can't get to the top if you don't truly love what you do. I think you can do decently well, but you won't ever see the upper levels. This is especially true in Security where it takes so much continual effort to stay current.

  • Don't Be Intimidated By Anything
    Many people in I.T. are pretty solid with a few technologies but have areas that they'll never get into because they think they are "above" them. I often hear, "Oh, that's programming, I'm not touching that.", or "I don't mess with that Unix stuff." That kind of approach will keep you limited for life, and for a security professional it's pretty much a sign of death. The top security pros approach the unknown very similarly, i.e. by saying, "That can't be too hard..." That's the attitude you need to have.

  • Be An Engineer, Not A Technician
    If you don't understand how things work then you will stay at the bottom of the ladder in this field. Knowing how to operate things isn't enough. Problem-solving, which is ultimately what consultants and most infosec professionals do, requires an understanding of the issue at hand, as well as how the solution functions. You can't be a button-pusher and get to the top.

  • Combine Book Knowledge with Hands-On
    Many screw this up in one direction or the other, and it's not something you can get away with in Security as easily. It's related to the previous one, but is different enough to mention. In this field you need to not only study theory but also know how to implement that knowledge in real-world environments. If you study but can't see how it applies you're dead, and if you can implement but don't understand underlying concepts you're dead too (see above). You have to have both. I strongly recommend investing in a considerable lab environment and implementing what you find interesting during your reading.

  • Sharpen Your Communication Skills
    Few things are as important as the ability to communicate well. This includes both verbal and written communication. It's not enough to know lots of things; you have to be able to get that knowledge out there to your client/users in a way that is useful to them. Imagine you have two ratings on a scale of 1-10: message and interface. Well, the impact of your communication is the product of the two. So if your message is a 10, but your interface to the client (how well you communicated it) was only a 2, your overall score is just a 20. But if your message is a 9 and your interface is an 8 then your score is a 72. You need both.

** Note: refined version at: »dmiessler.com/archives/954

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert to alamarco

Mod

to alamarco
As the subject suggests, the question here is how did you become a security expert?
The old fashioned way. Somebody hacked into one of our servers, and I had to quickly learn how to deal with it, and how to make sure it wouldn't happen again.

Krispy1
Premium Member
join:2001-12-11
the stix

Krispy1 to alamarco

Premium Member

to alamarco
said by alamarco:

As the subject suggests, the question here is how did you become a security expert?
I have no freakin' clue...am I an expert even?!

I dunno, I get this question alot and basically my answer is 'where there's a will there's a way' - I was super interested in it so would geek out in front of the computer and learned lots and put that to use and people recognized it.

That said times are changing, when I started out there wasn't much in the way of 'computer' degrees and much like my counterparts in the security industry I have little related qualification for what I am skilled at (I actually went to school for recording engineering) but these days there are degrees and courses for network security and the pendulum between what you know and what the piece of paper says you know swings back and forth so who knows what employers are looking for right now but I can tell you that the network security field has lots of jobs available for the right people (and don't be scared away by the job listings that are asking for insane qualifications...apply anyway).

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

Thank-you for all the replies so far, I appreciate them all. I don't think I do enough of helping other people, more over because I'm afraid of getting stuck. After reading these replies, I realize that without getting stuck you'll go no where as you learn the most when you solve things that are difficult. I just set up a day to go over a friends house to help clean up the PC . I hope to make that a regular thing, though not that regular, because that would mean they aren't learning anything themselves . I also want to try posting more here .

I think when ever I get the money I'm going to buy a separate server to fool around with. Hopefully sometime soon, that way I can experience things first hand and see what/how they're doing things.

I'm actually going to school for network security, but I doubt this will be enough as school tends to be outdated and don't teach you everything you need to know.

Thanks again for all the replies, the more the welcome. I'm sure others have thought about this question without asking out loud .

SpannerITWks
Premium Member
join:2005-04-22

SpannerITWks to alamarco

Premium Member

to alamarco
Sorry just seen this " This is mainly for those who are at the top of the food chain with regards to security "

I'm outa here lol.

Spanner

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

Kilroy to alamarco

MVM

to alamarco
Like nwrickert See Profile, for self preservation. When the network that you thought was secure gets hit by MSBlaster because someone hooked their work laptop up to the home network to browse the web, then brings their infected laptop back to your network you take an interest in security real fast.

I don't do it full time, was just an advisor for a year or so until a formal group was formed. I really wouldn't enjoy doing it full time so I didn't apply.

I just try and keep up the the problems that could affect me and forward them on to the folks in charge if they are major. The problem with dealing with a large established network is that the fix can break 100 other things.

MagMan
Life is simpler when you tell the truth.
Premium Member
join:2003-10-01
Westlake, OH

MagMan to SpannerITWks

Premium Member

to SpannerITWks
said by SpannerITWks:

Sorry just seen this " This is mainly for those who are at the top of the food chain with regards to security "

I'm outa here lol.

Spanner
Your to humble Spanner you deserve to be up on that soap box to.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

1 recommendation

jansson_mark to alamarco

Premium Member

to alamarco
1) Use computers. If you dont use them, you just cant know them.
2) Keep yourself "up-to-date" with security issues. This way you know whats happening and will learn HUGE amount of other data too.
3) Be interested about the issues and have courage on doing what you know is right.
4) Repeat steps 1-3.

cluelessn00b
@anon-online.org

cluelessn00b to alamarco

Anon

to alamarco
Dam, it took me 4 years to learn to be a button pusher, so you say I still have more to learn?!

cork1958
Cork
Premium Member
join:2000-02-26

cork1958 to jansson_mark

Premium Member

to jansson_mark
said by jansson_mark:

1) Use computers. If you dont use them, you just cant know them.
2) Keep yourself "up-to-date" with security issues. This way you know whats happening and will learn HUGE amount of other data too.
3) Be interested about the issues and have courage on doing what you know is right.
4) Repeat steps 1-3.
That's about it!

ahulett
Premium Member
join:2003-02-02
Little Elm, TX

ahulett to alamarco

Premium Member

to alamarco
In addition to the great advice already provided, you may also consider including a specific security discipline in your learning. Along with gaining knowledge and experience with the security landscape as a whole, pick a specific area, drill down into it as much as possible, and become an expert at it. Having a specialty makes you more attractive to potential companies, especially if the job or role has a specific knowledge request that you are proficient at.

Depends on if you want a better understanding to help more protect yourself and others, or if you're looking for a career in this space.

Aaron

jrs8084
Premium Member
join:2002-03-02
Statesville, NC

jrs8084 to Daniel

Premium Member

to Daniel
Sharpen Your Communication Skills
Few things are as important as the ability to communicate well. This includes both verbal and oral communication.

And the difference between verbal and oral communication is?

Sorry, I couldn't resist. Good information.

Daniel
MVM
join:2000-06-26
San Francisco, CA

Daniel

MVM

said by jrs8084:

And the difference between verbal and oral communication is?

Sorry, I couldn't resist. Good information.
One uses more verbs. Duh.

(thanks...I'm off to fix that now...)
BarneyBadAss
Badasses Fight For Freedom
Premium Member
join:2004-05-07
00001

1 recommendation

BarneyBadAss to alamarco

Premium Member

to alamarco
said by alamarco:

Thank-you for all the replies so far, I appreciate them all. I don't think I do enough of helping other people, more over because I'm afraid of getting stuck.
But it's the getting stuck that makes it interesting. When you get really stuck and ask for help, you expand you knowledge.

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

Thanks again for all the replies, I'm actually putting most advice in a word document for future reference. A lot of this stuff is gold, exactly what I was looking for. In a day or two, after hopefully more replies, I plan to look at everything and lay down a path. Until now I've never really took initiative towards my future, but I want to make security my future.

dadkins
Can you do Blu?
MVM
join:2003-09-26
Hercules, CA

dadkins to BarneyBadAss

MVM

to BarneyBadAss
said by BarneyBadAss:
said by alamarco:

Thank-you for all the replies so far, I appreciate them all. I don't think I do enough of helping other people, more over because I'm afraid of getting stuck.
But it's the getting stuck that makes it interesting. When you get really stuck and ask for help, you expand you knowledge.
Agreed! If you never ask questions, you may never get the answer.
Kiwi88
Premium Member
join:2003-05-26
Bryant, AR

2 recommendations

Kiwi88 to alamarco

Premium Member

to alamarco
The day one gets a tic about some really screwed up BS on their PC, is the day that an interest arises! Then that thought moves on, as well demonstrated by many

Just spent more than four hours getting this replacement Laptop clean....Yes, it's easier to format and find drivers; but I would like to see some of the hidden stuff

The lower "Life Forms" keep on trucking..Lol

Somehow it seems those that grew up with DOS [For a WIN environment] had a grip on what & how things really worked.

Experts are a dime a dozen & they are always RIGHT..Lol

Cheers
sruser
join:2005-04-21
Arlington, VA

sruser to alamarco

Member

to alamarco
Crespo,

Check out www.retrobox.com for used computers. I have ordered 4 computers off this site at really good prices. If all you need is a box, keyboard, and mouse then this will fit your need. Hope this helps.

Daniel
MVM
join:2000-06-26
San Francisco, CA

Daniel to alamarco

MVM

to alamarco
I suggest using VMWare instead of multiple computers.

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

Thanks for all the replies again, all are appreciated. VMWare seems like a good choice, and I just checked and I get Microsoft's Virtual PC for free from my university. Probably not as good as VMWare, but it should do the trick .

cacroll
Eventually, Prozac becomes normal
Premium Member
join:2002-07-25
Martinez, CA

cacroll to BarneyBadAss

Premium Member

to BarneyBadAss
said by BarneyBadAss:
said by alamarco:

Thank-you for all the replies so far, I appreciate them all. I don't think I do enough of helping other people, more over because I'm afraid of getting stuck.
But it's the getting stuck that makes it interesting. When you get really stuck and ask for help, you expand you knowledge.


Don't overlook curiosity, and imagination. And whatever you can dream about, you can bet that the bad guys (who are paid to do their work) are already working on it.
cacroll

cacroll to alamarco

Premium Member

to alamarco
said by alamarco:

I'm actually putting most advice in a word document for future reference. A lot of this stuff is gold, exactly what I was looking for.


Remember that what you read today will change next week.

Find the web sites with the good advice, and bookmark them. Better yet, subscribe to their feeds. And when you have a few spare hours, instead of turning on the TV, or playing WOW, read the latest news. There is absolutely no end to what you can learn.
BosstonesOwn
join:2002-12-15
Wakefield, MA

1 recommendation

BosstonesOwn to alamarco

Member

to alamarco
I work on network and server security, specialized uses like securing the gsm / tdma standard when it hits the providers networks and protecting their interests as well as preserving and helping maintain the e911 system and the locational devices used for that service.

The one thing I learned is there is no real expert on a subject because everything moves so fast. You have the people who try and stay ahead, then the people who stay afloat, and those who look for jobs.

I was dropped into this job when a providers system was hacked wide open , my boss at the time tried pitching a solution and failed so I went in and they bought into the whole security checks I would have implemented. Now I work at a fortune 500 global company and do the provider work on the side.

I don't know what security side you were aiming for system side or server side but I can say , keep a heads up on the hacking sites and be proactive about reading what the bad guys are up to. That is the only real way to keep alive in security, on both sides.

Midak
Doctors suck
Premium Member
join:2002-02-26
Stormville, NY

1 recommendation

Midak to alamarco

Premium Member

to alamarco
I am not at the top of the food chain yet but I have been driven to learn more and more ever since I discovered this forum. BBR has actually been my main source of learning when it comes to the PC. I was in school a few years ago, took the A+ courses, Net+ and some others but truthfully, I feel I learned more here. My A+ "teacher" did not know enough to teach the class so that was a disaster and one of the things that turned me away from that school. Since then, when someone comes to me with a mal-infested computer, I go through my own steps (checking startup items, registry items, etc.) and the hijack this steps that this forum put forward. I try to Google things that I do not recognize or search here. Some things seem obvious at this point like random character names of executables in the system32 folder but I know I have a long way to go. I would like to go back to school again just not sure which courses I should take, what certifications I should go for and so on. I do watch certain threads here and look over older ones to see if I can pick out the same issues that I see others picking out in hijackthis logs. I am getting better at it but I am just not all that comfortable yet that I feel I could field one of these threads myself.

I started out as a gaming enthusiast until I got a virus, a trojan, packed in with a Super Mario Brothers emulator. Since then, the whole world of malware has captured my curiosity. If anyone can reccomend good courses I could take, I would greatly appreciate it.
BarneyBadAss
Badasses Fight For Freedom
Premium Member
join:2004-05-07
00001

BarneyBadAss

Premium Member

as it goes about learning security the thing one needs to really understand is the functional security characteristics available in any given OS.

For example; with some large MainFrame systems these systems are generally "concurent multi-user" engines. The OS's on these systems permit access to resources at a "Gross" level.

Each HDD is a "RESOURSE"; datasets / files on the HDD is a "Resource"; the network is a "RESOURCE"; Tape drives are "Resources"; even programs are "Resources".

Owners have control of whom (other users) they permit to have access to the resource; IE; they can log onto the system only from termial x between xx:xx - yy:yy hrs on M; W; F; or they can only execute some programs that update files through the program. sure they can view the data that the program generated but they may not be able to amend or otherwise alter the data without the use of the specific program associated.

I only wish these kinds of security interfaces were archiected into other OS's to this level of granularity; From what I've seen thus far; security is still a "mis-nomer" of an idea... it's getting better; but it's not there yet.

ranschultz
Premium Member
join:2004-05-28
Canyon Country, CA

1 recommendation

ranschultz to alamarco

Premium Member

to alamarco
As previously discussed, hands on experience is probably the best way to grasp and truly internalize security. Sometimes it's hard to get started, though, without establishing a foundation. There are a number of certifications available. The one that I'm most familiar with is the Certified Information Systems Security Professional (CISSP)(see ISC2). It covers a lot of security subjects that have not been mentioned so far in this thread. Whether you actually get the certification or not, I think that you will find that simply looking through the associated documentation will alter your mindset about security and make you more inherently paranoid

CISSP Common Body of Knowledge includes:
•Access Control
•Application Security
•Business Continuity and Disaster Recovery
•Cryptography
•Information Security and Risk Management
•Legal, Regulations, Compliance and Investigations
•Operations Security
•Physical (Environmental) Security
•Security Architecture and Design
•Telecommunications and Network Security

Daniel
MVM
join:2000-06-26
San Francisco, CA

Daniel to alamarco

MVM

to alamarco
Agreed, looking at the study material for various certifications is often a good way to round out your skillsets. It at least lets you know where you have weaknesses according to "the industry".

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

Again, I'd like to thank everyone for their replies, all are appreciated.

So far, it seems most are in agreement on the following:

- Delve into the unknown, getting stuck is a good thing if you take the time to learn

- Keep current with technology, reading when ever possible

- Playing around in a lab type of environment to experience things hands on

- Share the knowledge with everyone, using your knowledge to help others, which will also help expand your own knowledge

- Take courses when offered
- If no time for some courses, look into them and learn course content on your own time

- Know how to communicate



I think the lab type environment is going to help a lot, though I think everything together will help overall. I know that this wont happen overnight, but I really hope to be efficient in security one day. All the spare time I have between school, homework, and friends I'm going to put into security.

Again, more replies are welcome. If you have any experiences or stories to share, please share them .