.

Hello everyone!

<<

JTD121

User avatar

Newbie
Newbie

Posts: 16

Joined: Thu Sep 06, 2012 12:11 pm

Location: 01832

Post Thu Sep 06, 2012 12:26 pm

Hello everyone!

So I'm a general techie, into all sorts of stuff.

Know a bit of programming (some VB6, a little C++. Can read much better than write it). Love security stuff, even if I don't use most of it much.

Just bought this book and on their site was a link to this place! So here I am!

Where should I start reading up on stuff? I don't believe I have fully read up on security or coding or whatever, I'm a jack-of-all-trades, and haven't decided to 'specialize' into one field just yet.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Sep 06, 2012 12:43 pm

Re: Hello everyone!

Welcome to the forums!

That's a decent book to start with. Be sure to review other posts in the greetings forum, especially this one.

There are a lot of other, "How/Where do I get started?" posts, so search around a bit. Let us know if you have any specific questions after that.
The day you stop learning is the day you start becoming obsolete.
<<

JTD121

User avatar

Newbie
Newbie

Posts: 16

Joined: Thu Sep 06, 2012 12:11 pm

Location: 01832

Post Thu Sep 06, 2012 1:33 pm

Re: Hello everyone!

HM...Good point. I am currently A+ Certified, and I've taken the Net+ classes, but have not taken the test. Currently in Chapter 6 of the 2009 edition of the study guide, but at this point, it seems a tad much, just really boring (but necessary, I know!) stuff at the point I am in the book. Plus I know, in general, how TCP/IP works as it relates mostly to Windows systems. I've dabbled in Linux, but have never really used it in a desktop, day-to-day situation for very long. I've tried Slackware....back in 2003/4, Ubuntu every couple releases (not a fan of Unity, BTW), and I think once I tried Gentoo to force myself to learn about Linux, and that just netted me an unbootable machine for a week.  :-\

Have been thinking really hard about getting CCNA certified, taking the classes because of the incredible volume of information, but don't have ~$3k+ for the classes, and I can't find a local campus offering the course at the moment.

The way I learn is very complicated, but according to this list on Wikipedia, I can learn all four 'ways', but I would prefer not to stick to a single method if possible. Hence my want of the class for CCNA specifically.

It seems Self-Study, for me, only works for a while, maybe a month at max. After that I just lose interest in the text and move on to something else. Maybe a study group of some kind?

Also, are there free(ish) alternative to the courses offered by SANS? I might be able to get some kind of tuition reimbursement from my employer (if I get a day position in their IT dept) but I'm not holding my breath, plus, I'd have to have the cash to pay for any training myself first.....

Ah, First World Problems, right? Looks like I am going to enjoy my time here! Can't believe I haven't found this place, or similar before! I wonder is there a 'Non-Ethical Hacker' sister site?  :P ;D
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Sep 06, 2012 9:11 pm

Re: Hello everyone!

JTD121 wrote:HM...Good point. I am currently A+ Certified, and I've taken the Net+ classes, but have not taken the test. Currently in Chapter 6 of the 2009 edition of the study guide, but at this point, it seems a tad much, just really boring (but necessary, I know!) stuff at the point I am in the book. Plus I know, in general, how TCP/IP works as it relates mostly to Windows systems. I've dabbled in Linux, but have never really used it in a desktop, day-to-day situation for very long. I've tried Slackware....back in 2003/4, Ubuntu every couple releases (not a fan of Unity, BTW), and I think once I tried Gentoo to force myself to learn about Linux, and that just netted me an unbootable machine for a week.  :-\


Linux is definitely important.

Gentoo has a pretty steep learning curve. It's a good experience to go through setting up a system, but it can be difficult to maintain if you're not really into tweaking every minor setting. I personally don't have the time for it. Try installing KDE or Gnome on the server version of Ubuntu if you like the distro sans end-user clutter. There are similar Debian-based distros, such as Mint, as well.

Grab VMware Player or VirtualBox and load up a Linux distro. Try and stay in full-screen mode as long as you can and get acclimated to the environment. It's any easy and unobtrusive way to really dive into it.

JTD121 wrote:Have been thinking really hard about getting CCNA certified, taking the classes because of the incredible volume of information, but don't have ~$3k+ for the classes, and I can't find a local campus offering the course at the moment.

The way I learn is very complicated, but according to this list on Wikipedia, I can learn all four 'ways', but I would prefer not to stick to a single method if possible. Hence my want of the class for CCNA specifically.


That's kind of an odd article. I didn't think there was that much controversy over the various learning styles. These are the statistics I've typically gone by (the percentages obviously aren't perfect, but that order is roughly what I've observed in myself and others):

PsychoTactics wrote:To summarize the numbers (which sometimes get cited differently) learners retain approximately:
90% of what they learn when they teach someone else/use immediately.
75% of what they learn when they practice what they learned.
50% of what they learn when engaged in a group discussion.
30% of what they learn when they see a demonstration.
20% of what they learn from audio-visual.
10% of what they learn when they’ve learned from reading.
5% of what they learn when they’ve learned from lecture.


http://www.psychotactics.com/blog/art-retain-learning/

The CCNA certainly provides a good foundation for any security role. It's also great for helping you land a full-time IT position, which seems to be a current goal of yours.

Have you looked at TrainSignal or CBT Nuggets CBT-based training? That might be a cheaper alternative to classroom training while still providing the same style of training. The only downside is you can't directly ask questions, but you can always ask here or at one of the many other IT forums. You'll miss out on hands-on exercises as well, but you can build your own CCNA lab for a fraction of the price of a course (~$300-500).

I think a class is overkill for this cert. There's a lot to it, but it's really not that bad. The breadth can be a bit overwhelming for someone seriously diving into networking for the first time. You should be fine with CBT > Written Resource > Lab Activities > Practice Exam.

I recommend grabbing this as a supplementary resource as well: http://www.amazon.com/CCNA-Portable-Com ... 662&sr=8-1

JTD121 wrote:It seems Self-Study, for me, only works for a while, maybe a month at max. After that I just lose interest in the text and move on to something else. Maybe a study group of some kind?


Pay for the exam and set a date at the onset. Create an actual deadline to target if you find yourself having difficulty staying motivated.

JTD121 wrote:Also, are there free(ish) alternative to the courses offered by SANS? I might be able to get some kind of tuition reimbursement from my employer (if I get a day position in their IT dept) but I'm not holding my breath, plus, I'd have to have the cash to pay for any training myself first.....


I don't know of anything free that's on-par with SANS, but there are plenty of free resources to keep you busy for the foreseeable future. Here's a few to get started with:

http://www.securitytube.net/ (especially the MegaPrimers)
http://www.irongeek.com/
http://g0tmi1k.blogspot.com/

JTD121 wrote:Ah, First World Problems, right? Looks like I am going to enjoy my time here! Can't believe I haven't found this place, or similar before! I wonder is there a 'Non-Ethical Hacker' sister site?  :P ;D


Are you fluent in Russian and/or Chinese?
The day you stop learning is the day you start becoming obsolete.
<<

sternone

Full Member
Full Member

Posts: 129

Joined: Tue Aug 07, 2012 1:31 am

Post Fri Sep 07, 2012 1:14 am

Re: Hello everyone!

Are you fluent in Russian and/or Chinese?


No, but google translate is  :D :D
Try harder....hmpf!!
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri Sep 07, 2012 3:21 am

Re: Hello everyone!

hello and welcome to this great forum
As i mentioned over and over i think its not a good idea to start learning hack directly, its better to provide some background first to have better idea about future lessons

networking background
i think its the first requirement which you need to learn because without having a good knowledge about networking you'll never understand what is server, how its work and so on so please be experienced in this field. here is a good book which make you learn networking very fast:

Sybex network plus fast pass

Virtualization basics
Virtualization gives you the ability to run multiple operating systems in same time and you'll need it for exercises and during real pentest. but Virtualization has some techniques and its necessary to learn. Here i provided some links for that:

http://www.amazon.com/Virtualization-Be ... 007161401X

https://www.virtualbox.org/manual/

linux basic
i think a hacker without knowing Linux is nothing!! because Linux has great features which is necessary for hack. So you must learn one of Linux  pen test distro such as backtrack, back box and so on. but if your newbie i suggest you to learn ubuntu linux:

http://www.amazon.com/Official-Ubuntu-B ... 0132435942

Create your own hacking lab
To do your exercises you cant attack to the real internet server because its not ethical. So here virtualization can help you . you can easily create some virtual computer with different O.S. i suggest you to install these operating systems:

Backtrack Linux
metasploitable
damn vulnerable linux
windows xp sp1
De-ice.net

that book which you bought is great but i also recommend this book too:
http://www.amazon.com/Professional-Pene ... 1597494259

Man as you see the route is soo long so be patient and again practice is the key of everything

Goodluck

Cyber.spirit


   
ICS Academy Network Security Certified
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Sep 07, 2012 8:22 am

Re: Hello everyone!

I thought the basics of Pen-testing and hacking was ok. My biggest complaint was it felt more like a do this walk through, instead of a here is what is possible now go and play.

I like the Security+ get certified and get ahead book more. I think that this book gave more of a mind set to start thinking in the terms of security.

But that's just me.

Just to be a generalist I'd learn the following:
- Virtualization
- Linux administration
- Windows administration
- Basic networking, including basic firewalling / packet filtering
- a scripting language
- how to read packet captures
- how to harden systems.
- learn to read logs

if you want real fun, spin up a server somewhere on the internet, and try to keep up as people pound the hell out of it.
OSWP, Sec+
<<

JTD121

User avatar

Newbie
Newbie

Posts: 16

Joined: Thu Sep 06, 2012 12:11 pm

Location: 01832

Post Sun Sep 09, 2012 9:33 am

Re: Hello everyone!

Cyber.spirit and chrisj thanks for the advice! I'll look into many of these things soon!

And I bought the basics of pentesting book because I don't know how to do it, hence, I need the basics. I understand basic security concepts and abstracts, but have had little "in-the-field" experience with them.

But PenTesting sounds like something I might be able to do as a job, maybe even a career of sorts. Not sure what I want to do as a career right now, but I do want it to be in the vast IT industry :)
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Wed Sep 12, 2012 4:06 pm

Re: Hello everyone!

your welcome jtd and if you want to learn hacking from the basics, as i mentioned over and over and over! Its great place to start:
www.hackerhighschool.org
DO NOT FORGET TO PROVIDE SOME NETWORKING BACKGROUND

And tell me about your problems im here to help.

Not only me, many of other friends are here to help!!!
ICS Academy Network Security Certified
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Thu Sep 13, 2012 3:38 am

Re: Hello everyone!

That is a good little book to start with and depending on what area you interested in there are loads of other great reading resources to purchase.

I would say read books and try do some course if you can afford them they help you learn quicker and also give you something to put on your CV.

good luck :P
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Thu Sep 13, 2012 8:57 pm

Re: Hello everyone!

Anyone try the Hackhighschool.org lab? What is it like? Worth $150?
<<

JTD121

User avatar

Newbie
Newbie

Posts: 16

Joined: Thu Sep 06, 2012 12:11 pm

Location: 01832

Post Mon Sep 17, 2012 11:08 am

Re: Hello everyone!

No offense, but am older than high school age (nearly 26), so I don't believe the HHS will work out for me, plus, there is almost no information on how/when/where theses ISECOM 'events' take place, their price, etc.

It seemed interesting until I tried to find out if it was an online thing, or you had to go to an on-site training, or if it was offered specifically to high school teachers/students....

EDIT: Okay, it's geared specifically at students still in public school....nevermind. Thanks anyway!
Last edited by JTD121 on Mon Sep 17, 2012 11:11 am, edited 1 time in total.
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Tue Sep 18, 2012 12:38 am

Re: Hello everyone!

JTD121 wrote:No offense, but am older than high school age (nearly 26), so I don't believe the HHS will work out for me, plus, there is almost no information on how/when/where theses ISECOM 'events' take place, their price, etc.

It seemed interesting until I tried to find out if it was an online thing, or you had to go to an on-site training, or if it was offered specifically to high school teachers/students....

EDIT: Okay, it's geared specifically at students still in public school....nevermind. Thanks anyway!

Lol! Man i have 23 and it worked for me. Basics are basics no matter when u learn. Just learn and dont care about highschool or kindergarten!!!!

Just download and read their lesson and it will give u good ideas about how to start you can create ur own lab later like me
Good luck and any other problem or question? Let us know
Last edited by cyber.spirit on Tue Sep 18, 2012 12:40 am, edited 1 time in total.
ICS Academy Network Security Certified
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Tue Sep 18, 2012 5:21 am

Re: Hello everyone!

I'm 40 and I could learn a lot there, I think.
<<

JTD121

User avatar

Newbie
Newbie

Posts: 16

Joined: Thu Sep 06, 2012 12:11 pm

Location: 01832

Post Tue Sep 18, 2012 6:48 am

Re: Hello everyone!

Oh snapples! I thought the 'Lessons' section was going to be an overview of the stuff they teach you, rather than the actual lessons.

Guess I still have a bit to learn on the info-gathering! ;)
Next

Return to Greetings

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software