On Fri, 4 Jan 2002, Douglas Pichardo wrote: Greetings Douglas,
At the age of 16, you will find few serious jobs dealing with security or systems administration. When/if you do, they will likely be jobs that do not expose you to the full range of ideas and materials that you are likely seeking. Volunteer work, for a charity, school, or other local agency which can not afford systems support (let alone security) seems to be the most common exception to this rule. Do not be disuaded though, I am aware of a gentleman who is 17 at this time but began work as an intrusion analyst in Myrtle Beach at a medium sized managed security services firm. As for reading materials, I would recommend focusing on the "why" aspect first -- after which time you can teach yourself the 'how'. A couple books come to mind: "Practical Unix and Internet Security", "Incident Response", and "Building Internet Firewalls". All three are from Oriley and Associates, and have a simple-to-read format. If you want to get a bit broader scope of the security field I would Recommend "Information Security Management Handbook", 4thED Volume 3 (There are 2 prior volumes, but with older (though not less important) information.) --Tim -->Revered security professionals: --> Hi, my name is Douglas Pichardo and I am 16 years old. I live in Virginia -->Beach, Virginia (USA), and I am in the 10th grade. I have been a member of -->this discussion list for several months, trying to learn all I can about the -->world of security, which I have a strong interest in. This last summer, when -->my interest popped up, I spent several hours almost every day reading -->webpages about every security topic that I could read about and understand, -->but at that time I was using Windows 98 and was unable to really get into and -->play around with any of the information I learned, and decided to get an OS -->that would allow me to - either Linux or Windows 2000, and Windows 2000 is -->too expensive. For Christmas, I got SuSE Linux 7.3 Professional, <u>Hacking -->Linux Exposed</u>, and <u>Linux System Administration</u>, as these all had -->good reviews in various places and I did not like Mandrake 8.1 which I had -->burned on CD and previously installed. --> Well, to the point: I would like to try out security things like firewalls -->and such and be exposed to the internet (I'm behind a Linksys Cable/DSL -->router with NAT), but I don't feel anywhere near knowledgeable enough. What -->I'm looking for is a internship of sorts, and I was wondering if either: (a) -->by some chance some of you know companies in Virginia Beach, VA, that would -->take me "under their wing", or (b) any of you know of any websites or -->companies that might have information about local internship programs in the -->security/administration field. I am looking for a learning opportunity - a -->free one - where I could gain experience (the SANS and other conferences are -->too much money and travel for me at age 16). I would greatly appreciate any -->help that you would give me as an aspiring security professional. Thank you -->in advance, and also thank you for reading all of this - I can get wordy :-) . --> --> Sincerely, --> Douglas Pichardo --> -->P.S. I'm not some teenage wanna-be hacker; I truly only want to get into the -->security field, not the "counter"-security field. And just in case the fact -->that I'm writing this at 10:30 AM might contribute to the stereotype, I have -->no school today; we have about 3 inches of snow and the whole area has shut -->down as if it were 3 feet. --> -->P.P.S. Are there any other books on Linux administration or local/network -->security that you recommend? -->
