View previous topic :: View next topic |
Author |
Message |
kamilsok n00b
Joined: 02 Mar 2010 Posts: 57 Location: Gdynia
|
Posted: Tue Oct 09, 2012 5:21 pm Post subject: cyber-security engineering career |
|
|
Hello
I'm thinking about shifting my career a little from sys admin/developer to system/network security engineer but, as with most topics, web resources are very broad and it's hard to filter quality ones from the "mob".
I would like to ask You guys about career paths, required skills, good learning resources and any type of tip that You can find? _________________ "If you are using Linux as a development platform, do not skip first learning administration and security. It is a foolish programmer indeed who is not master of his or her own computer" |
|
Back to top |
|
|
audiodef Watchman
Joined: 06 Jul 2005 Posts: 6639 Location: The soundosphere
|
|
Back to top |
|
|
steveL Watchman
Joined: 13 Sep 2006 Posts: 5153 Location: The Peanut Gallery
|
Posted: Fri Oct 12, 2012 11:46 am Post subject: |
|
|
I would start by working with and understanding the different security protection models you can implement. The easiest way to do that would be to set up a few virtual machines, and experiment with their setup and configuration, within a virtual network. Then run security-scanners against them. I take it you're familiar with use and administration of hardened gentoo: you should be running that as your main machine, so that you're familiar with it on a day-to-day basis, and always up-to-speed with its administration. Hang out in their IRC channel, and sign up to their mailing-list.
You should definitely know SELinux and pax-utils very well, and understand Linux Security Modules well enough to work on them. Be prepared to do a lot of research, and make sure you understand netiquette.
Once you've got some knowledge about use and administration, start to contribute to a project, firstly just by trying to fix configuration and usage bugs that you find, things that annoy you. Keep up to date with security mailing lists and vulnerability lists like CVE, and try to understand the different attacks that you see, then start thinking how you can patch software before anyone else does, to make it more secure for everyone: that will help you build a reputation.
Beware of the temptation to crack systems: it's a negative path, and won't take you anywhere good in your life.
Personally I have a high regard for grsecurity which is the umbrella project that pax-utils is part of.
If you find IRC or mailing-lists a bit bruising (they can be) just /join #friendly-coders on chat.freenode.net for a sanctuary and somewhere you can ask for further explanation of what those asshats were on about.. ;)
You won't get there overnight, so take it easy and enjoy the journey :-)
Good luck,
steveL. |
|
Back to top |
|
|
audiodef Watchman
Joined: 06 Jul 2005 Posts: 6639 Location: The soundosphere
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|