Ok, so in '02 I got my A.S. for Computer Network Technology. Fresh out I looked for work, but couldn't get hired because of the "NO EXPERIENCE" clause. So I joined the military, got into the intel community, got a clearance (which I prefer not to talk about here). and got a honorable discharge. Now: I'm a civilian again and i still dream of a job in the INFOSEC field. But i haven't really done anything with my degree. It went to waste while in the military it seems. I still to this day consider myself to be far above the level of knowledge of an everyday IT. I've been looking to get in to pentesting for quite some time now. Past that A.S. that I earner almost 7 years ago i really haven't done anything to show continued education. So here comes the major questions:
I have a family now, debt, (you know all that adult stuff). So there's no way I can afford to go back to college now to say earn my Master in Comp. Sci. ...I'm really not all that interested in having a IT/Helpdesk/"...Help! i forgot the password to my email" kind of job. Instead I want to hack. Plain and simple. Been that way for years. Now I just want to make it my career. I can run just about any OS, Win (all) 'Nix, (used UNIX in the military) and use BT3 as a personal favorite. Although I've never loaded and ran Free BSD (...maybe my next personal project). Point is, I'm NOT just some beginner. I've been in it for a while without ever really being IN the field. So, If I was looking to break into the pentesting/INFOSEC world, how would you recommend i do it? Where would I start? These things that may come common to some are not to me because I've never made it to that field. What Certs should I look at getting? What books might you recommend that could held catch me up? And honestly, does it even seem possible to still break into the field (no pun intended) with only a vast knowledge/extreme will/and only a few certs?
Any feedback would be appreciated.
Thanx in adv.