.

What I Need To Do. Thoughts?

<<

dmef

Newbie
Newbie

Posts: 2

Joined: Wed Nov 10, 2010 10:34 am

Location: India

Post Fri Dec 10, 2010 12:53 pm

What I Need To Do. Thoughts?

Hi all,
First, you people have a great forum and the people are very friendly hats off to everyone and a very big Thank You for sharing knowledge

Second, I am a system administrator for the past two years and of-late i am planning to move into security field(penetration testing) and become specialized in it.

So with my limited knowledge I came upon this board and started reading all the threads and have come to a point where I am somewhat clear of what i need to do.

I have passed RHCE and have a good understanding of Networking and *nix based systems but have very little knowledge of Windows with this background I plan to do the following to get me started in my path.

Step 1  Step 2 Step 3    Step 4 Step 5 Step 6
RHCE   eCPPT OSCP    M.S Security Job       SANS Certs, CISSP

Things to know apart from RHCE in Step 1
----------------------------------------
01. Good basic knowledge of Networking (TCP - IP - UDP)
02. Basic to intermediate knowledge of Shell Scripting
03. Basic C and Python Programming

Things to know apart from eCPPT in Step 2
-----------------------------------------
01. Good understanding of *nix based OS
02. Internediate level to Advanced level knowledge in Networking
03. Good programming(Network releated) knowledge in C
04. Good understanding of ASM(x86,others) Programming
05. Good understanding of Windows OS

Things to know apart from OSCP in Step 3
----------------------------------------
01. Still have No idea, once I finish eCPPT I think I will know what to learn(just a guess tho)

Things to do in Step 4
----------------------
01. Get an internship in security firm to gain experience in the field
02. Prepare for OSCE

Things to do in Step 6
----------------------
01. After getting a job will do SANS Certification
02. After getting enough experience will do CISSP

Books I think which will help me
--------------------------------
01. Assembly Language Step-by-Step Programming with DOS and Linux by Jeff Duntemann
02. Build Your Own Security Lab - A Field Guide for Network Testing by Michael Gregg
03. Building Open Source Network Security Tools, Components and Techniques by Mike Schiffman
04. Counter Hack Reloaded by Edward Skoudis and Tom Liston
05. Crimeware - Understanding New Attacks & Defenses by Markus Jakobsson and Zulfikar Ramzan
06. File System Forensic Analysis by Brian Carrier
07. Google Hacking for Penetration Testers by Johnny Long
08. Hacking Exposed by Stuart McClure, Joel Scambray, and George Kurtz
09. Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort by Michael Rash
10. Malware Forensics: Investigating and Analyzing Malicious Code - by Cameron H. Malin, Eoghan Casey, and James M. Aquilina
11. Network Intrusion Detection by Stephen Northcutt and Judy Novak
12. Practical Unix & Internet Security By Simson Garfinkel, Alan Schwartz, Gene Spafford
13. Rootkits: Subverting the Windows Kernel by Greg Hoglund and Jamie Butler
14. Security Metrics Replacing Fear, Uncertainty, and Doubt by Andrew Jaquith
15. TCP/IP Illustrated Volume 1 & TCP/IP Illustrated Volume 2 by Gary R. Wright and W. Richard Stevens
16. The Shellcoder's Handbook: Discovering and Exploiting Security Holes by Chris Anley, John Heasman, Felix Lindner, and Gerardo Richarte
17. The Tao Of Network Security Monitoring - Beyond Intrusion Detection by Richard Bejtlich
18. The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard and Marcus Pinto
19. Virtual Honeypots -  From Botnet Tracking to Intrusion Detection by Niels Provos and Thorsten Holz
20. Linux Command Line and Shell Scripting Bible by Richard Blum

I subscribed to Bugtarq, Full disclosure, Pen Testing mailing lists.
I also subscribed to RISK newsletter from Qualys Inc, and reading every issue of Phrack to gain as much knowledge as possible.

Sorry for making such a long post, but thought I will tell whatever I know and ask for guidance, can you please tell me of things I am missing, so i can learn and practice them?

thanks a lot for your time

dmef
Last edited by dmef on Mon Dec 13, 2010 10:14 am, edited 1 time in total.
"Some things Man was never meant to know. For everything else, there's Google."
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Fri Dec 10, 2010 1:37 pm

Re: What I Need To Do. Thoughts?

Step 1  Step 2   Step 3    Step 4      Step 5   Step 6      
RHCE      eCPPT   OSCP       M.S Security    Job          SANS Certs, CISSP


OSCP and GPEN have a overlap (so I've read) in fact, there is a lot of overlap in most security certifications. I laid out what I truly believe would make someone a very sharp, well rounded pentester in about a year http://infiltrated.net/pentesting101.html

It focused on most levels necessary to accomplish a lot in a little bit of time. The issue/nuisance with this industry is, its constantly changing. This is why I feel BS/MS in comp science is worthless. By the time your studies are done, the framework, theories, tools and applicability of them, is outdated.

Anyway, take some time to read that page and adjust. Books that I've read and I would recommend:

The Art of Deception: An Introduction to Critical Thinking
Influencer: The Power to Change Anything
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide
SQL Injection Attacks and Defense

CounterHack Reloaded
Security Assessment: Case Studies for Implementing the NSA IAM
The History of Information Security: A Comprehensive Handbook
Gray Hat Python: Python Programming for Hackers and Reverse Engineers
Hacking: The Art of Exploitation, 2nd Edition
The Shellcoder's Handbook
The Web Application Hacker's Handbook

Take note, the first two have ZERO to do with technology. What they will help you to do is understand things from different perspectives, to open up one's method of thinking. I could go on with the post and I keep telling myself to re-write that page (PenTesting 101) but I stick to my guns, the more you know all around, will enable you to breeze through pentesting. Since you have an RHCE, I don't know why "Job" isn't second on your list. Surely you can qualify for a junior analyst (incident response) and work your way up.

I would do the following:

RHCE, WCNA (http://www.wiresharktraining.com/certification), CCDA STUDIES (doesn't matter if you take the CCDA, understanding networking IS HUGE period. Best to know if from the ground up, helps at the end of the day), GSEC, OSCP, GWAPT, OSCE, RWSP

;) Hows that for alphabet soup. Sure its a bit extreme, but knowing what I know now, this would be the optimal route to put me at a "well rounded and knowledgeable" pentester if I ever saw one
Last edited by sil on Mon Dec 13, 2010 10:15 am, edited 1 time in total.
<<

dmef

Newbie
Newbie

Posts: 2

Joined: Wed Nov 10, 2010 10:34 am

Location: India

Post Sat Dec 11, 2010 11:51 am

Re: What I Need To Do. Thoughts?

Thanks sil,
Regarding job, next August is when i can move from my current job position so I thought I better utilize the time in getting certifications, so only I pushed it to step 4.

I need to do M.S due to some private constraints, so I thought I better do it in security which may help me during job hunting. And regarding certificates the path you have laid out is really wonderful, will plan around that.

pentesting101 was really informative, will try to follow that schedule as much as possible apart form the certifications.

Thanks again for your kind and valuable feedback.

regards
dmef
Last edited by dmef on Mon Dec 13, 2010 10:15 am, edited 1 time in total.
"Some things Man was never meant to know. For everything else, there's Google."
<<

Methodikal

Newbie
Newbie

Posts: 10

Joined: Tue Nov 16, 2010 10:10 am

Post Wed Dec 22, 2010 9:17 am

Re: What I Need To Do. Thoughts?

Sil,

Appreciate the path you laid out from someone who seems to really be knowledgeable in pentesting. One question I have is, at what point do you recommend learning programming languages like Python, C, and assembly?

Methodikal
Got EIP?
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Dec 22, 2010 8:10 pm

Re: What I Need To Do. Thoughts?

In regards to language learning....depends what you know right now. Do you have any programming exp? I would say that scripting languages like python and perl are a thousand times easier than assembly and still easier than C but thats just me. As far as exploits go, you'll need to know a little of everything to get things to work right. I am by now means a good programmer but know how to read it and modify it.

I dont think that pentesting is just a flat set of skills. It's really an art form. There are multiple ways to nail a box, just depends how you want to do it and what you're better or worse at.
<<

T_Bone

Full Member
Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Thu Dec 23, 2010 10:04 am

Re: What I Need To Do. Thoughts?

@ Sil

pentesting101 is a very good read!
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Fri Mar 04, 2011 11:00 am

Re: What I Need To Do. Thoughts?

Thanks to the mods for sticky'ing this thread.  This is exactly what I was looking for!

sil wrote:
Step 1  Step 2   Step 3    Step 4      Step 5   Step 6      
RHCE      eCPPT   OSCP       M.S Security    Job          SANS Certs, CISSP


OSCP and GPEN have a overlap (so I've read) in fact, there is a lot of overlap in most security certifications. I laid out what I truly believe would make someone a very sharp, well rounded pentester in about a year http://infiltrated.net/pentesting101.html

It focused on most levels necessary to accomplish a lot in a little bit of time. The issue/nuisance with this industry is, its constantly changing. This is why I feel BS/MS in comp science is worthless. By the time your studies are done, the framework, theories, tools and applicability of them, is outdated.

Anyway, take some time to read that page and adjust. Books that I've read and I would recommend:

The Art of Deception: An Introduction to Critical Thinking
Influencer: The Power to Change Anything
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide
SQL Injection Attacks and Defense

CounterHack Reloaded
Security Assessment: Case Studies for Implementing the NSA IAM
The History of Information Security: A Comprehensive Handbook
Gray Hat Python: Python Programming for Hackers and Reverse Engineers
Hacking: The Art of Exploitation, 2nd Edition
The Shellcoder's Handbook
The Web Application Hacker's Handbook

Take note, the first two have ZERO to do with technology. What they will help you to do is understand things from different perspectives, to open up one's method of thinking. I could go on with the post and I keep telling myself to re-write that page (PenTesting 101) but I stick to my guns, the more you know all around, will enable you to breeze through pentesting. Since you have an RHCE, I don't know why "Job" isn't second on your list. Surely you can qualify for a junior analyst (incident response) and work your way up.

I would do the following:

RHCE, WCNA (http://www.wiresharktraining.com/certification), CCDA STUDIES (doesn't matter if you take the CCDA, understanding networking IS HUGE period. Best to know if from the ground up, helps at the end of the day), GSEC, OSCP, GWAPT, OSCE, RWSP

;) Hows that for alphabet soup. Sure its a bit extreme, but knowing what I know now, this would be the optimal route to put me at a "well rounded and knowledgeable" pentester if I ever saw one


I just read through the pentesting101 article you posted; lots of great information in there.  And I had never heard of the Wireshark cert before, so I went and read up on that also.  I had a question regarding the "alphabet soup" list.  You listed WCNA before CCDA studies.  Would doing networking studies before WCNA build a good foundation on understanding the WCNA material better?  I figured if Wireshark is used for troubleshooting network activity, etc, maybe it's better to do the network studies (which may or may not include obtaining a Cisco cert) prior to jumping into WCNA.  Thoughts?
Last edited by lorddicranius on Fri Mar 04, 2011 1:10 pm, edited 1 time in total.
GSEC, eCPPT, Sec+
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Sat Mar 05, 2011 8:27 pm

Re: What I Need To Do. Thoughts?

I don't know if I'd do the CCDA before the WCNA but I may be wrong. I had the CCDA book a long time ago and never got around to getting that cert (my current employer doesn't put much cred in them but I may be changing jobs soon so I'm on a multi-cert quest). ChappelU has a "Core 1: Wireshark Functionality and TCP/IP Analysis (CPE: 23)" course that covers the basics of most network protocols, demonstrating on a packet level just how the protocol works. For example, the Discover,Offer,Request,Ack sequence for dhcp or the Syn,SynAck,Ack handshake a TCP packet does. The Core 2 course goes much more in depth about attack signatures, packet loss, window size problems. If I remember right, each course had something like 25 hours of videos. I was going to take the 2 courses but for only a hundred more you can get an 'all-access' pass to all her videos, which I believe are more than a hundred hours of videos. I was so fascinated by them, I watched them all in about 3 weeks....good stuff.

On another note, Colasoft's Capsa is a really good sniffer as well.
ISC2 Associate, WCNA, CWNA, OSCP, Network+

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software