I found that the best way to learn other than reading and implementing, at least for me, is the honeypot approach, put a machine on the net with a permanent address and see what kind of attacks it faces and how can you counter them. It will also allow you to figure out firewalls and IDS systems.
----------- Omar Koudsi IT Architect Network Security Center Special Systems Company http://security.sscjo.com [EMAIL PROTECTED] Tel: (9626) 5664221 Fax: (9626) 5681557 -----Original Message----- From: Jeremy [mailto:[EMAIL PROTECTED]] Sent: Monday, January 07, 2002 1:00 AM To: Douglas Pichardo Cc: [EMAIL PROTECTED] Subject: Re: Please help a young aspiring security professional Securing Linux is a good book... i have it at work, ill get the isbn for you... also read this... http://www.linuxworld.com/linuxworld/lw-1999-05/lw-05-ramparts.html this is a neat article... may help you out.. ----- Original Message ----- From: "Douglas Pichardo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 04, 2002 7:29 AM Subject: Please help a young aspiring security professional > Revered security professionals: > Hi, my name is Douglas Pichardo and I am 16 years old. I live in > Virginia Beach, Virginia (USA), and I am in the 10th grade. I have > been a member of this discussion list for several months, trying to > learn all I can about the > world of security, which I have a strong interest in. This last > summer, when > my interest popped up, I spent several hours almost every day reading > webpages about every security topic that I could read about and understand, > but at that time I was using Windows 98 and was unable to really get > into and > play around with any of the information I learned, and decided to get > an OS > that would allow me to - either Linux or Windows 2000, and Windows > 2000 is too expensive. For Christmas, I got SuSE Linux 7.3 > Professional, <u>Hacking > Linux Exposed</u>, and <u>Linux System Administration</u>, as these > all had > good reviews in various places and I did not like Mandrake 8.1 which I > had burned on CD and previously installed. Well, to the point: I would > like to try out security things like firewalls and such and be exposed > to the internet (I'm behind a Linksys Cable/DSL router with NAT), but > I don't feel anywhere near knowledgeable enough. What > I'm looking for is a internship of sorts, and I was wondering if > either: (a) > by some chance some of you know companies in Virginia Beach, VA, that would > take me "under their wing", or (b) any of you know of any websites or > companies that might have information about local internship programs > in the > security/administration field. I am looking for a learning opportunity > - a free one - where I could gain experience (the SANS and other > conferences are > too much money and travel for me at age 16). I would greatly > appreciate any > help that you would give me as an aspiring security professional. > Thank you > in advance, and also thank you for reading all of this - I can get > wordy :-) . > > Sincerely, > Douglas Pichardo > > P.S. I'm not some teenage wanna-be hacker; I truly only want to get > into the > security field, not the "counter"-security field. And just in case the fact > that I'm writing this at 10:30 AM might contribute to the stereotype, > I have > no school today; we have about 3 inches of snow and the whole area has shut > down as if it were 3 feet. > > P.P.S. Are there any other books on Linux administration or > local/network security that you recommend?
