Your short-term priority should be learning the basics and getting your foot in the door somewhere
I'm currently trying to do this... Do you think my ABSOLUTE FIRST STEP should be to read A+ material? (Assume I have no knowledge other than HTML and basic C, C++...) Thanks, please be sure to mention the FIRST STEP.
I know a few hackers who began with A+ and Security+ material, they turned out to be great.
you can start accumulating real-world experience.
After I have some knowledge in something, I plan to practically apply that and when I actually get to hacking I will build a hacking lab, though I might need some help on that.
There's a book by Thomas Wilhelm on that. (Publisher: Syngress, they publish a lot of good books on hacking.)
Systems run on the network, so understanding how they work will make you a more effective network administrator/engineer.
It's OK if I study networking and then concentrate on individual OS, right? Or is that a must?
You can learn networking first and then Operating Systems, or the other way around if you so desire. Learning how TCP/IP functions first is a good idea, as learning about Operating Systems in depth can be a bit boring. (Paging & Memory Handling algorithms, Filesystems, Program structure (not as deep as reverse engineering though, just what I'd call an "overview" of e.g., PE (EXE) and ELF formats. Just so you know what it means.)) There's a lot more, you'll read about it when you need to
Otherwise, it's definitely possible to become a millionaire on a six-figure salary if you're smart with your money.
I really think that pen-testers don't get paid as much as they should....
And I think that a six dollar sum comes only with 10 years in pen-testing......
What if I become really good at it but my starting salary is still like only 50,000, right? Is it possible to land a six dollar starting salary?
PenTesters often get a higher salary than the rest of the IT world, hence the reason many sysadmins, even those that have absolutely no desire for infosec, move into "infosec" with a CISSP or CEH and get 10k extra a year or so.
Generally I'd say, a penetration tester's pay / salary is pretty decent. Starting out as a junior, at some companies at least, pays well enough to have an acceptable living where you can eat properly. Plus you get to work with hacking, other hackers, and possibly get free training and perhaps even certs, that's pretty good.
Remember that money isn't everything. It should be second to hacking, if you want to be a true hacker that is.
(Some of the best hackers in the world, have normal jobs outside IT and their salaries are not that good, but they hack because they love it. But go for corporate hacking, because you will probably have a lot more fun if you want to work with it daily.)
No matter how "good" you are, you have to be able to justify what you're worth, by knowledge but also in many cases proven experience. If you can't prove your knowledge besides saying you're really good, the company won't be able to know whether it is true or not. (If you, on the other hand, have written several tools, advisories / PoCs (0days), and much more, they can at least have some sort of picture even if you have no experience.)
The more you learn, the bigger the picture will be, and sometimes it can be overwhelming to know (and don't let this discourage you), that you will never stop learning.
There is always something new to learn, something to research, and this is what gives me that happy feeling inside, that we have not yet discovered all the vulnerabilities in every single program or operating system, and that we haven't explained every mathematical flaw there is in the implementation of several protocols.
So I heard you like hacking.. (Read through the entire thread at work today)
Yes! Thanks for taking the time to do that
It was very kind of you
The reason why you need to learn how systems function, is also because you need to know what happens when you run an exploit. Sometimes, you have to reboot the server, and if you're testing in a production environment and your scope says you should avoid crashing services or entire servers for that sake, then you should make sure which exploits could DoS or crash servers or services. (And thereby avoid crashing them. It also serves the purpose, of being able to identify why the vulnerability exists, in case of configuration errors, and how to resolve it. Running a "canned exploit" as mentioned earlier, is the easiest part.)
Thanks for the info mentioned above and for taking the time to type that.
I don't know EXACTLY what you meant but I've got a good idea, and it really helps in learning something when you know WHY you're learning it
you could probably do it in 5 years. All it takes is dedication and the ability to find information on your own as well.
Thanks for the encouragement
Your explanation of the pen-tester's dream was also very satisfying. I plan to work in whatever I specialize in
Oh and do you know if learning Microsoft Access is of any use?
As for the 'dream company' do you have any ideas? (I was thinking Microsoft ......?)
Even though you plan to work in whatever you specialize in, be prepared to work in what you're capable of working with for starters and some time. This experience gives you more knowledge, but also proven experience on your CV / resumé, plus you will meet other great hackers most likely, and perhaps change specialization. (You never know.)
Learning Microsoft Access, I would say no, you should rather learn MySQL and / or MSSQL. MS Access isn't that widely used in web apps, I think I've seen it once where it was definitely not easy to exploit, but it's nice to know about. If you know SQL, which generally is quite easy (of course 'easy' is relative), then you pretty much just need to know the difference between MySQL and MSSQL, and use the cheat sheets you can find online for both, but also the others like MS Access. (Yes, there are cheat sheets to help you inject, not tools, but knowledge you can use.)
The way I learned SQL during my education, was with this query: SELECT piece FROM cake WHERE size < mouth;
All the words in big letters are SQL "commands", the semi-colon needs to be there in almost all, if not all SQL queries at the end, and the words in small letters, are entries in a database, meaning there's at least "4 variables" in this query.
SQL is defined into databases, tables, and columns. The database is where you store all the data for a specific application, such as this "cake factory app" (or whatever you want to call it). The word after "FROM", in this case 'cake', is the >table name<.
This is where the columns 'piece', 'size', and 'mouth' are defined.
The database could look like this:
|________ cake ________|
| piece |
| size |
| mouth |
So it (cake) is a table with 3 columns (piece, size, mouth) in it.
'cake' itself can't have a value assigned to it, but 'piece', 'size', and 'mouth' can.
Now, there's a lot more to databases, but this is the basics and I'm sure if you think about it for a while, it'll make sense if you didn't get it right away. (If not, think of Excel and use rows and columns as a reference instead. Same principle.)
Back on topic, the 'dream company', is not Microsoft. No offense intended toward Microsoft, but it is just not them, unless your entire world is about Microsoft and you love everything they create, then you should join their security team, but keep in mind you should aim to become a developer instead, not a penetration tester then. It's the same thing with IBM generally, and Google too. They're big in the global IT market, but they're not big when it comes to Penetration Testing.
Dream companies are those that perform real penetration testing, hire the good hackers, and know what they're talking about. One of them could be: Rapid7 (they're sometimes hiring, mostly developer positions), but there are a lot of companies I can't remember the names of, that I know from friends' experience are more than great. Some of them have awesome bonuses and encourage research, others have crazy parties, some almost always go to the big conferences (Black Hat LV and Defcon, but also Derbycon too), and some will let you travel around the world.
So when you have job interviews with companies in your country, ask them about the job, what they generally do, which conferences they go to if any, and of course if they're doing work for the government, or the private sector, but also whatever else is on your heart. (Just don't ask about the salary.)
What I like the most, is primarily web application security, research, sharing my knowledge, and hopefully sometime in the future, go to various conferences and one day at least Defcon. But I can't just say I only want that, I have to bend and give the company the value they expect and learn various things I may not usually consider learning, but in the end, the only result will be that I'll be smarter.
What you should focus mostly on, is getting relevant and correct information, so when you research something, it's useful to read the same thing from several resources in some cases unless you know it's a fact from a trusted source. (Keep in mind that Wikipedia can be edited by anyone, and even though it generally is quite correct, it does contain various mistakes in some topics, so be careful trusting what you read. The best way to make sure something you read is true, is to test it locally on your own systems in a safe way, in case it is a hacking method.)