The best way to get in to Security?

[mlank81]

Hi,
I'm an IT major who works as a helpdesk tech., but wants to get in to IT Security. Any Suggestions? What books are best, what certifications should I go for, what are the best on-line sites, and what programs are good to work with. I've done security for my home pc's, but that's it. Any information would be helpful. Thanks.

Lank

[phobia]

I would assume that simply by being an IT major you would have some ground of knowledge. THen again depending on the school you go to, you may not. Where to start? First beat the living hell out of your english professor. Then from there... You have to pick the actual field of IT that you most want to work in. Even within security there are many. YOu like forensics, or maybe being just a network admin is your thing. You have to figure out where you want to start.

As for what to read... that question is about as hard to answer as anything. THere are plenty of books. Each with different skill sets and things they go over. If you just want to learn some basic stuff... Head over to amazon. THey have a wide range.

P.S. a personal favorite of mine is Security Warrior. But, I am an Orielly reader so anything by them is usually good to me.

[Aspman]

If you want to work in IT security you'd probably need to work at the sharp end first for a while. Probably try to move away from the help desk into sysadmin type roles. It would be hard for you to advise on the secure way to do things if you haven't done them ever before. Reality is often a long way from theory in these things and what might be the most secure way to something in theory might not work in reality.

I work in Information Security which covers IT security but all information including paper as well.
I came from a background where I worked in small companies so I had exposure to a little of everything. Sysadmin work, web designing, bit of programming, firewalls, Linux and Windows etc etc. You need to know a bit (often a lot) about everything.

Books, I read O'Reilly as well.
I've only done one course which was ISEB Information Security Managament Principles. Good introduction to infosec if that's your bag.
My work is mostly audit, compliance, policy and procedure writing. But I'm getting sent on a firewall course soon not because I need to be able to administer the firewalls but because I need to be able to make sure that the firewall guys are working properly.

[ric-o]

Greetings mlank81:

Some general tips...

* Learn networking ...learn as much as you can. Know all the protocols, how they operate, know the basics of the OSI model (yes, this is a good starting point). You absolutely must know networking very well to have any hope of getting into the info sec field.

* Know operating systems: *nix, Windows, etc. Know how to configure them, their services, learn how they operate.

* Know hardware.

* Know auditing principles.

* Know policies, standards, procedures. How to develop, enforce, etc.

* Knowing web administration, database admin, etc will help too.

* Did I mention you must know networking?

My advice is to know a little to moderate about a lot of things in IT...be a generalist. You COULD instead specialize in a couple things but would recommend you do that AFTER you learn a little about everything.

Read everything...but start with networking.

Just my .001. Good luck...you'll have a lot of fun...hope your brain is a sponge.

[mlank81]

Thanks everyone who has replied to my thread so far. I appreciate it. Also, ric-o, GO STEELERS! Come Feb 5th we will have that one for the thumb. As you were saying ric-o, networking, networking, networking. I do have a 4 yr. bs in IT and have Network+ certification, so I have some networking experience. I'm working on getting my Security+ certification so I can have some entry-level knowledge. I'm wondering though, if it would be a good idea to setup a Linux/Windows XP server up in my house and put it on my network so I could work with security programs. Also, what things would be good to use? I appreciate any help that you can give. Thanks.

[SD-7]

If you are really interested in making out into it security then do mcse(security),then CIW security professional course which great .check it out on www.ciwcertified.com. and research Antionline is good source to learn more. i work in an ISp in INDIA. so best of luck

[Aspman]

This was posted on Scheier.com today. Might give you some ideas.

http://www.sans.org/salary2005/

[mlank81]

Actually Aspman I thought that was very helpful in just seeing what Certifcations are out there and which ones matter more. It's definitely a direction to look in as to which way I should further my education. I appreciate it. Thank you.

[ric-o]

Originally posted here by mlank81
I'm wondering though, if it would be a good idea to setup a Linux/Windows XP server up in my house and put it on my network so I could work with security programs. Also, what things would be good to use?

Absolutely. This will give you a way to learn how to secure systems and understand what vulnerabilities they have.

I would recommend putting up a small private network with couple computers. On one of them have your security tools on it and the other is your _target_. On the security PC (secPC) install either Windows or Linux. If Windows than use Windows 2000 Pro as XP doesnt run all the sec tools that well due to raw sockets issues. Install Ethereal on it and some sort of network port scanner like SuperScan or ScanLine and play around scanning your target system. Or Nmap in Linux.

There's tons of other free (and commercial) tools out there depending on what you are testing. Make a list of things you want to test and then research how and do it.

That's a starting point at least.

Originally posted here by mlank81
GO STEELERS! Come Feb 5th we will have that one for the thumb

Yeah baby! [Austin Powers voice]

[@tt!tud3]

Originally posted here by mlank81
Hi,
I'm an IT major who works as a helpdesk tech., but wants to get in to IT Security. Any Suggestions? What books are best, what certifications should I go for, what are the best on-line sites, and what programs are good to work with. I've done security for my home pc's, but that's it. Any information would be helpful. Thanks.

Lank

SANS has a lot of good stuff. You don't necessarily have to go to the courses, just read some of the articles.

As for certifications, these are some of the major ones. They have slightly different focuses (policy vs practice, that sort of thing), so do some investigation:

Security +

GIAC

CISSP