Hiya!  This is my first post on here, so I'll add some history in aswell...  Sorry if this is a bit long  

I got out of the British Army 2 years ago after having been in for 10 years.  For that time I was just a regular PC user at work, but for the last 2 years in, and the 2 years since, I've been really interested in network security and hacking.

My resettlement training was pretty crap, with no real qualifications or certification and I managed to stumble into a helpdesk job purely from the fact I have security clearance!

In the last 4 years I've been studying on my own in view of moving into security / pen-testing, but I have no idea about how to go about this.
I've been a regular at 2600 meetings and have been using backtrack since it was Auditor, but my experience is still limited.
My current job is as a helpdesk bod on a nationwide network running unix, linux and windows, but I have NO chance of moving into the security side of it as that's all done from the states.

Any courses / certification will have to be self funded, as my employers won't pay for anything that has (in their oppinion) nothing to do with my job!

Essential, what I'm asking is, What are the best certifications to go for for someone starting at the very bottom, and how much will they actually influence me getting a job in that field?

Any help on this would be greatly received.

Regards,

`ph0x

Security+ by CompTIA and then CEH (certified ethical hacker) from Ec-council would be a good way to go as recommended by xXxKrisxXx.
Employes like to see someone with a CISSP on their resume but it is really quite hard to get and it will take probably too long to be on your todo-list at this point..still something you should consider after you got more experience.

Another thing which may help you is to support some opensource projects or write articles if you feel comfortable with this.

Another thing which is often recommended is to start a blog where you could write about your projects and proceeds.

Unless you just need to demonstrate your networking knowledge, I'd avoid Net+.  I have it and can honestly say the test was completely worthless.  Security+ isn't a bad way to go for an initial cert if you want to work in the field. 

My personal recommendation for a networking certification is the CCNA.  While it is harder than N+, employers know that.  It demonstrates that you have actual marketable skills including basic configuration and troubleshooting of Cisco routers and switches.  Some people will say that CCNA doesn't prove you can do anything marketable.  I disagree.  Others will say that CCNA isn't as good as Net+ because it is vendor specific.  While that's true, lets face it, Cisco rules the market.  Additionally, I find that the knowledge for CCNA is a superset of the knowledge required for Net+. 

For that matter, if you can pass CCNA on your best day, you can pass Net+ after an all night bender (hangover included).

This is my unbiased advice.  I don't work for Cisco or Comptia and I have both certs (although if I trade my Net+ paper for my $125, I'd take it).

Hiya.
Thanks again for the responses...

The main reason I was thinking of doing the N+ first is that my basic network knowledge still has some pretty big gaps, mainly in the whole 7 layer model...
My reckoning was that I'd do the N+ to get those basic's down and then move on to the CCNA...

Regards,

'ph0x

Hiya.
That was pretty much my thoughts on it...  I'm now planning on the N+, followed by the S+, with the required top-up for the CCNA somewhere along the way...

Once, again, thanks for the comments, thoughts and info!

Regards,

`ph0x

Oh yeah, I forgot to mention that I had no certs when I got my first security job.

If you want to get into penetration testing and live in UK you should also take a look at CHECK, which is required when testing goverments. Though this might be interesting for you after you did one of the others.

Although a little off topic.. Don's post reminded me on his very good presentation he gave some time ago which is titled "DIY Career in Ethical Hacking", which might motivate you even more. It is certainly worth to listen too.

Normal version
R-Rated version

If you liked it then be sure to check out Rob Fuller's Couch to Career in 80 hours or less presentation too.