.

Where to start?

<<

uz3r

Newbie
Newbie

Posts: 10

Joined: Fri Feb 25, 2011 3:18 am

Post Fri Feb 25, 2011 3:31 am

Where to start?

I have been a computer user most of my life and know my way around windows and ubuntu. I know my way around desktop pc hardware but have no hacking or programming experience. I just started school and am planning on taking CIS classes in hopes of later becoming a network security admin and penetration tester as well as a comp hardware technician. Recently my financial aid was dropped because I didn't renew my fafsa and now I have 5 months of nothing to do as I am an unemployed felon (lol)
Now I've discovered several different courses of action in the last week as I have decided to go the way of working towards dynamic studies towards certification. I am considering CompTIA A+ because I've heard its a good place to start for someone with no experience in the field. However, I've also checked out Career Academy (which teaches CompTIA course) as well as elearn security and Hacking DOJO. I heard that CEH certification is not as thorough and deep rooted and is more the understanding of how to use specific tools. I want a full and thorough understanding for when the government takes over the internet XD

So my questions:

Where is the best place to start for a beginner like myself?

If CompTIA A+ is the best route, would I go with the CompTIA site's A+ courses or Career Academy's A+ courses?

I have a good number of reading material on the subject but as I have nothing to do for the next 5 months, I wouldn't mind spending my money where I have actual instructors and labs for which to get support and experiment with. Any other suggestions would be very appreciated. Thanks! :)
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Feb 25, 2011 10:27 am

Re: Where to start?

Welcome to the forum.

This is actually a pretty common question on the forum, so common infact that there are pinned topics in the Pentester section. You'll probably find the answer to your questions there.

As for labs. Some classes will let you use there lab for a fixed amount of time, or you could build your own. Building your own lab will give you some extra skills, like running VMWare, and system installation of different kinds.

You'll want programming skills too. They make some good network simulators that will work for what you want to do, or you could hit up ebay and buy used equipment.
OSWP, Sec+
<<

uz3r

Newbie
Newbie

Posts: 10

Joined: Fri Feb 25, 2011 3:18 am

Post Fri Feb 25, 2011 7:28 pm

Re: Where to start?

I actually have VMware on my windows 7 boot. I'm running a windows/ubuntu x64 dual. I have been looking at CompTIA.org with their elearning bundles but I've also seen careeracademy and learnkey are viable options. Any suggestions or preferences? I'll likely be teaching myself python as I go seeing as how I have pretty much limitless time on my hands.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Mar 02, 2011 9:43 am

Re: Where to start?

If you can afford it, take a look at courses offered by InfoSec Institute. Their basic Ethical Hacking course goes through some of the most important basics and offers enough hands-on practice to get your hands dirty. If you can't take the live course, you could opt for the online version, which is a recorded version of a live training. The course also prepares for both CEH and CPT.
<<

uz3r

Newbie
Newbie

Posts: 10

Joined: Fri Feb 25, 2011 3:18 am

Post Wed Mar 02, 2011 1:09 pm

Re: Where to start?

I already checked out InfoSec and they are way too expensive. I'm taking TestOut's 7-day free trial and I got the CBT Nuggets 2009 A+ videos. Do you think TestOut + CBT Nugs will be sufficient? I'm teaching myself out of my house, just taking mad notes and reviewing everything. I have a good knowledge of hardware and software installation and operating systems.
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Mar 04, 2011 10:00 am

Re: Where to start?

To add to my recommendation above, get a copy of Dissecting the Hack: The F0rb1dd3n Network by Jayson Street, Brian Baskin, and Kent Nabors.

I got a copy the other week and have been reading it. It's pretty good, broken up in to a story section that gives you an idea of the tools are used, and the STARS (Security Threats Are Real) section that goes a little more indepth on the tools and tricks used in the story.

The book won't make you a hacker overnight, but it will give you some ideas of things to look at and play with.
OSWP, Sec+
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Fri Mar 04, 2011 10:52 am

Re: Where to start?

Don't forget about metasploitable. If you don't have a lab, it'll definitely help beginners.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Fri Mar 04, 2011 3:05 pm

Re: Where to start?

WCNA wrote:Don't forget about metasploitable. If you don't have a lab, it'll definitely help beginners.


Thanks for the metasploitable recommendation, that looks like a great tool to use to learn metasploit (which is currently on my list of things to do :)).
GSEC, eCPPT, Sec+
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Sat Mar 05, 2011 8:37 pm

Re: Where to start?

Your welcome. I don't know why someone hasn't already done this but I think it might be a very good opportunity for someone to open a site that would let security students vpn into a lab with a whole bunch of vulnerable machines. Sorta like what muts does with the OSCP course. You could have deepfreeze on the machines and they would reboot every hour, wiping out all the pwnage. You could even have contests to see how many machines you can compromise before the hour is up.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Mon Mar 07, 2011 7:26 pm

Re: Where to start?

Stay tuned. Something very much like what you describe is in the works, and we hope to have exactly such an environment available in the near future. When we have the beta environment nailed down, we'll be pinging the EH netters to test it out, so get your l337 h4X0r Sk1ll2 warmed up.
<<

AndyB67

User avatar

Full Member
Full Member

Posts: 100

Joined: Fri Jan 14, 2011 7:13 am

Location: UK

Post Thu Mar 10, 2011 2:41 am

Re: Where to start?

WCNA wrote:Your welcome. I don't know why someone hasn't already done this but I think it might be a very good opportunity for someone to open a site that would let security students vpn into a lab with a whole bunch of vulnerable machines. Sorta like what muts does with the OSCP course. You could have deepfreeze on the machines and they would reboot every hour, wiping out all the pwnage. You could even have contests to see how many machines you can compromise before the hour is up.


Check out http://www.hacking-lab.com/events/swiss ... tml.&nbsp; They have competitions running for hacking their systems.  Currently not doing it to win the car, just gain experience!
Net+ Sec+ More to come
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Sat Apr 02, 2011 9:39 pm

Re: Where to start?

So I've finally gotten around to setting up some VM's (using VMWare Player), went to download Metasploitable and I can't seem to find a link that works.  Initially started here and found that the "torrent" link doesn't work anymore.  I tried a few searches around metasploit.com with no luck either.  Anybody know of a good link to download from?
GSEC, eCPPT, Sec+
<<

millwalll

Post Sun Apr 03, 2011 10:39 am

Re: Where to start?

There is a a link here http://www.metasploit.com/learn-more/how-do-i-use-it/test-lab.jsp This show how to setup a lab http://www.securityaegis.com/pentest-lab-web-application-edition/

If you need any help let me know as I was at same stage you are around 6 months ago send me a PM
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Sun Apr 03, 2011 4:14 pm

Re: Where to start?

Awesome, thanks Jamie :)
GSEC, eCPPT, Sec+
<<

uz3r

Newbie
Newbie

Posts: 10

Joined: Fri Feb 25, 2011 3:18 am

Post Sat Apr 09, 2011 3:20 pm

Re: Where to start?

So I think I'll check out the books you all suggested and the metasploit thing. I consider myself pretty apt with computers. Though I have no real programming knowledge, I figure I'll be starting with A+ which is more in my familiarity zone. I can upgrading and install hardware/software on windows no problem and have basic understanding of networking and troubleshooting so I think I'll just hit the books instead of fork out the cash for a fast track certification.
Next

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software