Hey, thanks for the responses!

For tears, I'm okay with simple control structures, arrays, pointers, etc. I was just wondering how to "specialize". If it's simply "become a complete programming guru", then I could face some problems since I already have one occupation.

For terr, I already own Hacking Exposed, but it seems that most of the stuff in there relies on tools written by others. While I'm not quite dead against "script kiddies", since regardless of their coding abilities, they can still obtain the desired results if they understand the tools fully.

I purchased Hack Attacks Revealed, but that is a glorified code listing without hardly any comments on what the code is doing. I'm not against whipping out the debugger and stepping through what it's doing, but I feel that that book was written to a programmer and not even a typical "security professional" since most of my more experience colleagues hardly even touch code and they've done a pretty good job protecting the large corporation I work for. We've had two security audits and no penetration attacks succeeded.

Some of my colleagues believe that I'm possibly wasting my time since they believe if you know what to protect, that is more than half the battle.

My response to them is that every computer professional can't be so lax and that some of these attacks are taking advantage, through code, of things that can't always be easily protected.

B-Man