..Whats your opinion?

<-- Complete n00b to the ethical hacking community and I've been on a windows computer all my life.  I'm in IT and I want to be more learned on security and everything that is involved.

So far I know that you need 

-->

Basic/Advanced Linux Knowledge



Add to my list!

Thanks,

I've read Mitnik's art of deception... Really cool what you can do with social engineering.

I'll check out the two other books you mentioned.

I'm completing my MCSA at the moment for my position here and theN i'm going to go into CCNA training, get some switches/routers and set up a virtual network.  In the meantime, work with linux at home and get a handle on the OS and go from there I think.

Necessary ethical hacker skills, the starter edition:
TCP/IP
OS basics for M$ and the *IX distro of your choice
Internal network basics (switches, hubs, firewalls)
A sense of humor (preferably dirty but manic is also acceptable)
External network basics (routing, IP, interaction with internal networks, etc)
Relationship between services, ports, and how exploits work
Washboard abs
Some familiarity with coding (not expert, but can muddle through)
Understanding of general web application construction (front/back end, etc)
A WOW account (maybe EverQuest if you roll like that)
Some level of business sense (need to explain business impact of your findings)
A comfort level with your skin tone being 3 shades more pasty than your racial peers

lol, I've got a lot of that on the list.... Working on the distro basics and washboard abs atm....

The coding part is what scares me... I took a weed out java class in college and I think that scarred me for life regarding programming... I've been thinking of picking up C Primer Plus and working through that...


Oh if I only had 40 hour days it would be so much easier to go through everything I want to learn.

pretty good replies

where the F were you guys when this was going on

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,1821.0/

as far as programming. if you are new, start incorporating it into your learning plan NOW, if you stick with this field and you cant code or script you will hit a point where you cant put your ideas into code (or not easily) and that just sux

BigTone82,

first off welcome to the forum.

Only thing I'd add to the list is that before you get any of the things previously listed you need one thing, patience.

From my experience it take a lot of time and a lot more work to be an 'ethical hacker'. I've been around IT and security for a while and don't come close to what I'd class as a hacker (leaving the holy-wars out of it  ) but I'm learning fast, have the ethical part and I'm still here wanting to improve.

As others have said learning the basics first helps (TCP/IP etc.) but don't expect to learn everything instantly. Most importantly though if you want to remain interested in the field for the long game, ignore all the advice here and study whatever makes you go 'ooooh, hows that work?' be it IDS, shellcode, scanning, etc. I found this has helped keep up motivation to learn through the 'do I really need this?' moments.

If you dive in wherever you're most motivated you'll find the basics come through time as and when you need them. (at least I'm finding that).

Good luck, and don't be afraid to ask the questions when necessary (just ask google first  )

The Penetration field is quite deep and wide, you can specialize in Windows pentesting, or databases, or web application security, what ever floats your boat. if you are very comfertable with Windows and know how to secure it well and have read the hacking exposed books or similar and would like to know more about Linux I would reccomend that you check the Linux documentaion project, and howtos, try to setup a server and secure it, and pen test it, scripting in Linux/Unix world is a must to understand the start/stop scripts, and to automate most of your work, In brief use what you already got, and develop yourself in the areas you enjoy most