.

Whats the best way to start Hacker/Pen testing training?

<<

Darth Que

Newbie
Newbie

Posts: 4

Joined: Sat Jan 31, 2009 5:25 pm

Post Tue Feb 03, 2009 8:27 pm

Whats the best way to start Hacker/Pen testing training?

First of all, thanks for making such an awesome site. I never have seen such a solid site! I have a couple questions, and I apologize if you answered them before. I used your search engine, but I couldn't quite connect the dots. Hence, this post.

Little about me, I worked in IT for the past 9 years on/off. I started in the Navy. I was on the Incident response team. I knew some of the guys from Red Team, but I was not qualified to join the team (inexperience, clearance etc). Now that I have worked in IT as, helpdesk and Tech Support, I want to narrow my focus. I want to get into Cyber security and ultimately end up penetration testing or Red Teaming.

I have picked up some knowledge from a combination of work, school and hobbies. I picked up some programming (Java, Perl, php, MySQL), network analysis and sys admin (Server 2000, Server 2003 and Linux) over the years. I already have a personal LAN/Lab at home. However, I'm not sure how to gain a solid foundation in hacking/network security. I was planning on buying 4 books. These books are Gray Hat Hacking, Second Edition, Hacking: The Art of Exploitation, 2nd Edition, Hacking Exposed, Sixth Edition: Network Security Secrets And Solutions and The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws. I read the reviews on them, and they seem to be considered worthy reads.

Which book should I purchase first or should I purchase a Security+ study guide and a CCNA study guide  first and come back to these books later? Also, I have used Ubuntu and Red Hat linux. Should I stick with these or should I move on to BT/Slackware? If your recommendation is that I should move on to BT/Slackware please note the advantages of this switch. Thanks for your time.
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Tue Feb 03, 2009 9:12 pm

Re: Whats the best way to start Hacker/Pen testing training?

Greetings Darth,
  Normally I answer your question with the recommendation of a firm understanding of TCP/IP, but you are probably beyond that. The very first place to start then is to read what you can and those books are fine. But be careful of becoming just another “arm chair” security pro.  To counter that, I would recommend jumping into some tools as you’re acquiring your book knowledge and there really isn’t a better tool to start with than Nmap.  It really is the backbone for most hackers and it’s the foundation that “almost” all hacks build on when attacking a server.  Don’t just race through it, really try and learn it completely and by heart.  There is a lot to keep you busy for a little while with that one tool and Fyodor, the creator of Nmap, has just made an excellent book available called Nmap Network Scanning which is 468 pages long.
  Ubuntu is a great distro and I would say you should stay with it and learn to build your own tools or at least how to compile them on there if you dont know already.  Along with that, playing with BT is fine to get a feel of a variety of tools, just dont make it a crutch because you never learned linux in depth.

PS~ I dont know you do I, lol?
Last edited by Kev on Tue Feb 03, 2009 9:17 pm, edited 1 time in total.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software