November 10th, 2003, 08:26 PM
Where to start
I have a high passion for network security and I am currently beginning college for network communications managment. Anyway, I would like to know where should I begin! I've been looking over the AO website and there seems to be so much info I feel overwhelmed. I would like to get my feet wet into the security of networks but I do not know where to start...other than "on my own network" (of course) but what can i start doing to secure it.
November 10th, 2003, 08:30 PM
Are you certifyed in any thing?...Any past experiance?....i think i could talk to some ppl...Where do you live?
November 10th, 2003, 08:42 PM
o you already know about networks?
Do you already understand TCP/IP?
If you dont i would definatley recommend that you learn as much as you can about it.
Also what kind of network security job are you planning on reserach or consulting?
Just keep browsing AO and get some basic ideas of what you want to do... good luck.
November 10th, 2003, 08:44 PM
I do not have any certs as of now, but I am familiar with the A+ and Net+ Certs. My friends say I probably can take the test and pass. I have little experince I work in a call center for DSL tech support. Which, we do not support networks so it does not give me "that much" exp.
But, what I would like to know if where should I start? I know a good deal about TCP/IP and other network protocols. Networking is no problem it is the security that I want to get started in. I know a good bit about firewalls and have a hardware one on my personal network but what "more" can I do?
November 10th, 2003, 08:56 PM
One of the things I'd ask you, is what interests you as it will help focus your attention since security is such a wide field.
Generally, if you have your own network, then try to figure out ways to find info on your own machines and then perhaps even break into them. You need to start exploring beyond firewalls. Investigate things like Intrusion Detection Systems (IDS), penetration testings (pen test), honeypots, authentication mechanisms, etc. Information is key for your next step in security (and learning..)
Some resources worthwhile to consider:
Securityfocus.com has some good lists (although they've gone heavily moderated)
netsys.com (full disclosure list is found here -- it lives up to its name.
Intrusion Detection Analysis by Stephen Northcutt et al. (excellent book)
Hacking Exposed 4th Edition
@Large (might be hard to find)
The Cuckoo's Egg (might be hard to find)
Read here and ask questions.
Hope that helps somewhat.
November 10th, 2003, 08:58 PM
hummm....well something that would probably help would be for you to just go out and buy a book on network security. Just read and learn.
November 10th, 2003, 09:20 PM
I know somethings about IDS's but there is a lot of room from impovement there, thank you
Also, I do not know how to do penetration tests and "obviously" I will look into that.
And Its funny how you suggested a book that I was looking at just Yesterday in a book store.
Hacking Exposed 4th Edition (so I will check that out in more detail
Thank You for your help
November 10th, 2003, 09:23 PM
For IDS, I'd recommend starting with Snort from a more formalized IDS and using tcpdump on the "unformalized". tcpdump is designed as a sniffer but it's power in showing full packets. Learning to understand what packets are going by can help understand your network and help you see changes/oddities.
Penetration means testing your network/computers for flaws, vulnerabilities, etc. Nmap is a good place to start. I believe TheHorse13 has now put up his 4th tutorial on this tool. Might be worthwhile to look into.
November 11th, 2003, 02:10 PM
My brother is looking for a network Tech in his store...but its in minnesota