Looking for advice for career path as an Ethical Hacker

    • #6771
      Disneycrack
      Participant

      Hello,

      First I would like to introduce myself. My name is Stafford, I’m 21 years old and am currently in the Army. Before the Army, I worked at Geek Squad as both an in-home and precinct agent (just call it a computer repairer) for 2 years before the military.

      I have been trying to learn as much about computers as I could since I was about 10. I love everything involving computers. I had a ton of issues deciding on exactly what field I wanted to work in until I came across ethical hacking. I have gotten my feet wet with learning Python and the intricacies of Software Security.

      I recently decided to change my degree from an Associate’s in Software Programming to an Associate’s in Network Systems Administration. I have been trying to get in contact with some professionals in the field that can help me choose the right path to get into the Ethical Hacking field. Once I ETS out of the Army in two years I will be pursuing a career in this field. I have found the perfect field for me.

      My question is where would a beginner start? I have been researching a ton and have only really found certifications you need, but have had trouble with a good Bachelor’s to obtain for the field. Any help would be greatly appreciated, and if you have questions for me, do not hesitate to ask as I am really trying to get my path cleared for once I ETS so I can support myself and my wife once I leave the Army.

      Thanks for all the help in advance.

    • #41971
      Disneycrack
      Participant

      I also obtained a Secret Security clearance in July of 2009 when I joined the Army.

    • #41972
      cd1zz
      Participant

      The network and systems admin path is one way to do it. That’s the way I did it. Hang on to that security clearance. There are tons of federal gigs on the east coast that want clearance.

      This is actually a pretty common question on these boards, “how do I get into security…” Like I just told the last guy, there are 100 ways to do it, just depends what part of security you’re interested in.

    • #41973
      Disneycrack
      Participant

      I was looking to be more focused on the networking side.

    • #41974
      Anonymous
      Participant

      Hi Stafford,

      I think the best way forward would be to hold on to that security clearance and try to teach yourself as much as you can. It is very hard to get into security; it took me 8 months to get a junior position with a company.

      Most companies in the UK look for testers who have done CREST or TIGER.
      It would be worth looking at these and seeing what you know and do not know on the syllabus and try to learn from them. Also maybe try and do some hacking courses on your own just to build your skills up: OSWP or hackingdojo. There are also lots of others, just look on forums; those are the two that spring to mind as I have done OSWP and am doing hackingdojo.

      Having a good understanding of networking is good, as well as web applications.

      You should also get involved within the community. Depending on where you are in the UK, there are forums like this one. You have DC4420 once a month in London, or places like the BCS, which have lots of groups. This is a great way to get your name into the industry, and I got most of my interviews from people I met at these locations. Also, if you are not on LinkedIn I would recommend joining up; it is a good way to network. Again, I have had lots of people in the industry help me from that site.

      I hope this helps; here are a few links too.

      http://jamierougive.co.uk/ My site, may be of some use
      http://dc4420.org/ dc4420
      http://ypisg.bcs.org/ Young professional information security group

      hope this helps 🙂 and good luck!

    • #41975
      Triban
      Participant

      Like cd1zz mentioned, the Net admin route is a good place to start, but certainly don’t limit yourself to just networking.  As an ethical hacker you will need to be a little versatile; essentially you will be looking for a job as a pen tester either external or internal to a company.  If you work for a large enterprise you may be asked to test their systems before they go and have an outside firm have at it.  You may need to be able to test various platforms, from web applications to trying to bypass network controls on the switch/router end of things.  To keep yourself from getting overwhelmed you will want to look at becoming good in a particular area; specialize in what is of the most interest to you.  Keep your scripting skills sharp and always keep informed.  Twitter is a great place to get your news.  There are a few key pros out there to follow.  Attend conferences; don’t worry, you don’t need to drop the cash for something like DEFCON, there are plenty of free or inexpensive conferences out there.  Some occur pretty frequently.  I highly recommend you check out a Security B-Sides conference http://www.securitybsides.com.  Those are great places to meet some local talent and network.

      Also have you considered trying to utilize the Army to get a foot hold somewhere?  It seems the DoD is trying to capture up talent to man their Cyber Defense programs, you already have the clearance, and they would probably invest in furthering your interest so long as it suits their needs.  Otherwise, don’t stop at the Associates, consider the Bachelors since many private sector companies like to see that.  Though like they said, with the clearance and military background some things can be overlooked.  So pick your poison, specialize and hunt for the experience.  The certs are great to determine what you need to learn to be at that level, getting them is even better but having a good amount of background knowledge beforehand is also good.

      Good luck and also these boards are a wonderful place to come for guidance.  So don’t be a stranger.

    • #41976
      Disneycrack
      Participant

      Thank you for all that information, I will definitely utilize it. I plan on being on these boards regularly to get well versed in the field. I am currently in Iraq at the moment, but will have to get up on these conferences to get my face out there and meet some people. Thanks again.

    • #41977
      rance
      Participant

      My typical answer to these types of questions is, you need to know a little bit about everything, especially as an app pen tester.  A few scenarios:

      Site1:
      Running on a shared hosting server
      Mostly static HTML only site
      Uses a flat file database to present some data

      Site 2:
      Web 2.0 site
      Tomcat on Apache
      MySQL database
      Uses PHP and RUBY
      Also uses SOAP and AJAX
      Heavily driven with Javascript
      Only ports 80 and 443 are open

      Site 3:
      Web 2.0 Site
      IIS server
      MSSQL database
      Uses .Net and ASP
      Relies heavily on Web Services
      Ports 20, 22, and 23 are open

      So, here we’ve got potentially 3 different server technologies, 5 programming languages, 3 database types, 2+ web 2.0 technologies, and 3 if not 5 network ports to investigate.  (Some people might disagree that ports aren’t part of an app pen test, but if through scraping data off your site, I’m able to put together a username/password combo, and I can then SSH to your box successfully, I call that a win.)

      In other words, you need to know a lot about all the underlying technologies.  It’s also a good idea to know not just that a vulnerability exists, but to understand HOW the exploit works.  You can run an automated tool, and it may come back with, say, an XSS vulnerability.  Do you just report it at that point? No.  You need to verify it.  This is where the knowledge comes into play.  You need to be able to repeat the attack without the help of a scanner, and you need to understand it enough to be able to explain it to your target audience.  Just showing a pop-up box that says “XSS ALERT!” isn’t a very swaying example, and in most cases you’ll get the *shrug* and a “so? you made a box pop up.”  You need to be able to articulate why it’s dangerous and how it can be exploited.

      Not trying to dissuade you, just encouraging you to learn a bit about all technologies that drive web sites.  The more knowledge you have, the better tester you’ll be.

      (Of course, if you’re going in to network pen testing, that’s different ;D )

      Good luck!

    • #41978
      Disneycrack
      Participant

      I don’t plan on just sticking to networking, just trying the best way to get my foot in the door. From there I plan on expanding my horizons to other areas in the field. Thanks for the links and help Rance and Jamie, I will make sure to check into these for sure.

    • #41979
      sil
      Participant
    • #41980
      the_Grinch
      Participant

      sil – thanks for reposting this, I had been looking for it and I knew it was from you, but couldn’t find the address!

    • #41981
      Disneycrack
      Participant

      Thank you very much for that link sil. That was absolutely incredible and I will make sure that I bookmark that immediately.

    • #41982
      Disneycrack
      Participant

      Sil, once again thank you for that link. Even though I didn’t understand around half of it, I at least know where to get started to try and get a foot up before I get real deep into everything.

    • #41983
      Disneycrack
      Participant

      My next question would be which certifications to obtain first?

    • #41984
      sil
      Participant

      I think you need to pick your own poison and go from there. Think of security in terms of a baseball team. Here you are saying: “I want to play which position should I aim for?” What are your strengths and weaknesses. Focus on your weaknesses to bring them up to par with your strengths while in parallel upping your strengths.

      In security, there are a lot of avenues to choose from. Forensics, pentesting, application security, cryptography, networking, etc. Each have their unique methodologies, technologies, protocols, pros and cons.

      Examples:

      ++++++++++

      Forensics. Where would you want to fit in? Working as an incident responder researching malware, researching e-Discovery, researching the cause of a compromise? What field? Pros: Banking, insurance, defense industries, huge Fortune 100s are always in demand for these types of individuals.

      Cons: Job can be linear, stressful, repetitive.

      Certifications: (real world relevant) GCFE, GCFA, EnCe, GCIH, ACE, CCE, GREM, WCNA (Wireshark), GCIA

      ++++++++++

      Pentesting: Where would you want to fit in? Define pentesting. Too many companies have turned this field into a tool (Core Impact, Metasploit, Nessus, etc) however there is more to pentesting than running tools. In order to fit into a well rounded position, the document I linked you to will give you excellent foundations needed. You then need to progress into a more linear stage (focus on applications (which web application, business applications (SAP, etc)).

      Pros: Can be fun, creative, non-linear (no two pentests are ever the same)

      Cons: Industry has created too many retards that rely far too much on tools. Many industries are now mandated to have penetration testing (PCI requirement). With that stated, many companies are relying on point and click drop boxes (QualysGuard) and calling it a “pentesting day.”

      Certifications: (the ones that count) GPEN, CEPT, OSCP, OSCE, CPT, RWSP

      ++++++++++

      Network security: Where would you want to fit in? Managing firewalls, IPS, IDS, DLP, acronym hell? Performing network analyses with tools and hardware such as nGenius, Netwitness, Wireshark, etc., this can criss-cross the forensics realm.

      Pros: ALL COMPANIES need network security period.

      Cons: Can be as linear as in point A to point B

      Certifications: (ones that count) WCNA, CC{N,D,S}P, GCIH, GSEC

      ++++++++++

      Take note, all the certifications I listed are TECHNICAL, for those wondering why CISM, CISA, CGEIT, CISSP, etc. aren’t listed. And NO, the SSCP to me is not a technical cert. When I state “ones that count / relevant” I mean the ones you *truly* want to aim for as you WILL LEARN while getting them. Not to take anything away from say the C|EH, CHFI but it is what it is. I felt the certifications I listed would help you LEARN something as opposed to dumping a billion tools on your lap and telling you “hey this is a security tool, learn this tool’s syntax and we will give you a shiny certificate!”

      Your best bet regardless of any advice you see from me or anyone else is to determine something that you can enjoy while making money. I would hate to focus on Forensics only to have a job I hated doing e-Discovery 24x7x365. I know people that dread getting into the field. They work to dissect/analyze info, go to court, are stressed out as all hell. The money they make doesn’t cover sanity, happiness.

      Go over to Dice.com and check the markets for certs also. Search for the certification itself to see its demand and WHO is asking for that particular cert. That is a good baseline as is e.g:

      http://www.payscale.com/research/US/Certification=Certified_Ethical_Hacker_%28CEH%29/Salary
      http://www.payscale.com/research/US/Certification=SANS%2fGIAC_Security_Essentials_Certification_%28GSEC%29/Salary
      http://www.payscale.com/research/US/Certification=SANS%2fGIAC_Certified_Intrusion_Analyst_%28GCIA%29/Salary
      http://www.payscale.com/research/US/Certification=SANS%2fGIAC_Certified_Forensic_Analyst_%28GCFA%29/Salary
      http://www.indeed.com/salary/q-Forensic-Consultant-Ence-l-New-York,-NY.html
      http://www.indeed.com/salary?q1=GREM&l1=New+York%2C+NY

      Hope that helps

    • #41985
      cd1zz
      Participant

      don – this should be bookmarked forever. sil, thanks for taking so much time to write this up, now we can forever refer folks to this post and that other detailed page on your site…

    • #41986
      Disneycrack
      Participant

      I would like to personally thank everyone for their help. I have been searching high and low for around 3 months trying to get some solid information, and you guys have laid everything out that I had questions about. Thank you so much for pointing me in the right direction, and I will be sure to stay around and contribute to the community as I further my studies in whatever I decide to do.

      I extremely appreciate the time everyone has taken to help me. Thank you

    • #41987
      Anonymous
      Participant

      @rance wrote:

      My typical answer to these types of questions is, you need to know a little bit about everything.

      This is the worst part of answering this type of question. How does one explain that a person needs to know everything, and in great detail?

    • #41988
      Dark_Knight
      Participant

      How did I miss this??? Great post Sil….I also agree that this post should be a sticky.

    • #41989
      Anonymous
      Participant

      Not a problem Disneycrack, glad you found what you were looking for.
