On Thu, 29 Mar 2001, [iso-8859-1] Gary Jones wrote:
> My question to the group is simple - Where do I start ? I want to
> learn as much about security on the net as possible and would prefer
> to experiment on my home box - before I implement anything at work.
it's a long and arduous road. i'll tell my brief tale.
i've been using UNIX systems for about ten years now, adminning them for
about 6 or so. a few years ago i got very interested in security, and in
short i found i had to do the following:
o learn IP networking
o learn the protocols (like SMTP, HTTP, etc)
o learn applications
o understand programming
my interests have moved to certain protocols (like SMTP) so i can focus on
them, the application of cryptography at various levels (including VPNs),
and the deployent of firewalls. i found i had to focus to keep myself up
to date on things, and i find myself sticking in the UNIX world more than
Win32.
it's kind of cool, you can find an area and make yourself very well versed
in it. but to understand how things break, you first must learn how they
work. learn the protocols. ie LDAP, SNMP, VPNs, etc ... fill a void if you
want to become a recognized master. the world doesn't need, for example,
another cgi-bin security person (it has some good ones).
just start reading. here are some good books (links to reviews my local
LUG has written):
http://cwrulug.cwru.edu/books/tcpipill1.shtml
http://cwrulug.cwru.edu/books/tina.shtml
http://cwrulug.cwru.edu/books/unpv1.shtml
http://cwrulug.cwru.edu/books/hackingexposed.shtml
http://cwrulug.SCL.CWRU.Edu/books/inetfw.shtml
http://cwrulug.cwru.edu/books/nids.shtml
some of these books have been updated since those reviews.
i hope this helps, i'm sure others will chime in with great suggestions.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
