Network Security

Discussion in 'Computer Science & Culture' started by thecollage, Sep 12, 2007.

Thread Status:
Not open for further replies.
  1. thecollage Registered Senior Member

    Messages:
    431
    I am interested in learning more about network security and cyber investigations. Does anyone have a good place to start?
     
  2. Google AdSense Guest Advertisement



    to hide all adverts.
  3. river-wind Valued Senior Member

    Messages:
    2,671
    I learned by hacking my own computer for a few years, then by reading books like the Happy Hacker (now woefully outdated), followed by more advanced books about computer security. Check out the rainbow series on UNIX design and security - more than likely you local library has copies.

    There are also many college level classes on computer security these days - a new college opened up on the far side of town from me offering graduate degrees in computer security and intelligence work.


    Don't be selfish, always be a white hat.
     
  4. Google AdSense Guest Advertisement



    to hide all adverts.
  5. thecollage Registered Senior Member

    Messages:
    431
    let me rephrase that; what skills and knowledge do you need to become an IT professional? in addition to that; what skills and knowledge do you need to become a security professional?
     
  6. Google AdSense Guest Advertisement



    to hide all adverts.
  7. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,102
    If you want to become an IT Professional then it's not so much about 'Which books do I read?' but more 'What should I be learning in school?', 'What courses should I apply for at college?' and 'What courses should I pay for?'.

    'IT Professionals' are rarely hired by firms if they haven't any academic background. Self tuition is great if you want to get by, however it doesn't give you the credentials or portfolio to provide a prospective employer a reason to give you a job.

    Also 'IT Professionals' is a very Generic term since the IT industry itself is huge and no individual could ever know everything, which is why people usually specialise and/or become 'IT Practitioners'.

    Simply put get High grades in English, Mathematics and Sciences.
    Mathematics is important since computer courses now really do utilise applied mathematics, so if you haven't the brain or the stomach for mathematics such things as programming, cypher analysis, data salvage will be way out of scope.

    As you might of heard said in the 'Industry':

    So simply, get trained up, build a portfolio up and gain Experience in the field you are interested in, just make sure what you do accounts for something so that some corporate beancounter see's you as a black integer as apposed to a red minus one.
     
  8. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,102
    Get trained in The Hardware and Software solutions used in networking.
     
  9. leopold Valued Senior Member

    Messages:
    17,455
    a very broad area indeed.
    since there are so many encryption algorithms used for internet porposes i can only give you broad guidelines.
    the very first thing you need to do is to thoroughly understand the intrernet protocol and how the net transmits the info from one computer to another. http://www.google.com/search?hl=en&q=understanding internet protocol&btnG=Search

    next you need to learn the various ecryption algorithms used on the net.
    http://www.google.com/search?hl=en&q=internet encryption algorithms&btnG=Search

    finally you need to understand the various methods for encrypting the programs themselves.
    http://csrc.nist.gov/CryptoToolkit/aes/

    good luck buddy. let us know how it turns out for you.

    oh. what makes a person a professional as a opposed to one that is competent?
    talent. and that is something you are born with. you cannot "learn" talent.
    talent is that which allows people with no HS diploma to compete with collage grads. people with talent "instinctively know" what they are doing.
     
  10. thecollage Registered Senior Member

    Messages:
    431
    do you recommend learning in that order leopold99?
    thanks.
     
  11. leopold Valued Senior Member

    Messages:
    17,455
    basically, yes.
     
  12. Kunax Sciforums:Reality not required Registered Senior Member

    Messages:
    2,385
    There is slightly more to network security then just know IP, and by knowing i assume you mean know how and why it works and how the datagrams are constructed.
     
  13. thecollage Registered Senior Member

    Messages:
    431
    What is a datagram and how does its construction play into network security?
     
  14. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,102
    If you are truly going to try and do this outside of a Scholarship then you are going to have to learn the main tools of the trade.

    Search Engines
    Bug trackers
    Open Source projects (OS, server program's etc)

    You'll need to get hold of an old PC and run a different flavour of Operating System (Unless of course you are willing to try and learn Microsoft's OS's, however for the majority they are to bloatware, I know someone's going to say NT4/Server 2003 but it's still bloated IMHO, however it's 'easier to configure')

    If you pick a linux install, by all means you could try running one of the usual OS's that people mention here. However the majority of server related OS's are Freebsd, Slackware, Fedora core to name a few. In the most part if you are wanting to create a server environment for testing things you are going to need to forget about using a GUI, you'll need to setup a SSH daemon on the system and get yourself an SSH client like PuTTY. You could use straight forwards telnet, however unless you are running that secure, you aren't going to learn much about security.

    The same can be said about FTP, that's another security problem that people usually have. For the most part most security exploits are just misconfiguration's that the server administrator has done and this is usually down to the nature of how difficult the server is to configure.

    This is why you'd need to read an awful lot of information on various configurations for every server package you install on your box. Some packages will require pre-requisites, some will require to be reconfigured on install others still will require a complete rebuild of the boxes Kernel and that itself is a task many people (including myself) usually find a pain in the a$z3.

    This of course is only part of the overall problem, since you want to learn about the 'Network Security' this means you have to learn how to configure your LAN adapter for the particular OS and not only configure it to connect to the network but also communication on many of the layers that exist over the TCP/IP protocol.

    In essence go out and get some books, either buy them online or try to find a second hand bookstore (For the most part current OS/programming books are gold dust in such places.) you could try a library so you can try the books out to see if you find them a good reference source.

    You'll want to learn about Unix/Linux, you could also learn about SQL and Database languages as well as a number of languages that are useful for batch processing. Perl, PHP, Python, C, SH, ASP, VBScript etc.

    In all honesty, if you are stuck with finding out about a datagram perhaps you might think of something not so ..... well immense

    Please Register or Log in to view the hidden image!

     
  15. Kunax Sciforums:Reality not required Registered Senior Member

    Messages:
    2,385
    what he said, btw im curious what is your backgroud/current education/skills(computer/network)
     
  16. thecollage Registered Senior Member

    Messages:
    431
    so do i need to learn code too then?
     
  17. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,102
    Let me put it like this, if you are interested in 'Network Security' it's not just about making sure you have the right IP address, subnet mask or MAC address.

    You need to know your OS's, various server programs and their configurations, various scripting/programming languages, transit protocols (TCP/IP) and Datagrams as previously mentioned. As mentioned also you need to also know how to utilise various methods of research, asking questions helps however sometimes those questions have been asked before and various people have written answers you can find online.

    It's not exactly something you're going to learn in a week, but something that will take many years of experience to build up to learn. If you want to be able to do it next week, good luck...

    However a point I was trying to make about the academic method of learning this area is the fact that you learn industrial standards, you interface with other people on the same subject rather than attempting to go it alone and you get accredited for your work. (It is possible to get accredited without qualifications however you'd have to learn how to find bugs and report them, you aren't of course going to be able to do that unless you can 'Reverse Engineer' and that is no singular field of study.)
     
  18. Kunax Sciforums:Reality not required Registered Senior Member

    Messages:
    2,385
    how about you look for something else, first line support, might be right up your ally
     
  19. nietzschefan Thread Killer Valued Senior Member

    Messages:
    7,721
    Yup. Get enough courses to get your foot in the door with a good company that pays for courses/certs. Certs are so expensive these days, it does NOT pay to go for them. I.T does not pay like it once did and will only get worse. I recommend young people do not purse a career unless they possess a real interest or a real aptitude or both.
     
  20. thecollage Registered Senior Member

    Messages:
    431
    oh i am smart. thanks guys for the information on this. how much does this pay on average?
     
  21. neonecho Registered Member

    Messages:
    2
    [removed url]

    maybe it's about time, ppl watch some videos.
     
    Last edited by a moderator: Mar 24, 2008
  22. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,102
    I apologise that I had to remove the URL. While it can be suggested that it's important for people in the industry to learn the exploits for better protection it's also a problem because if the exploits are recorded and made to easy to reproduce the Script Kiddies attempt to dominate.

    The last thing I want is to encourage "Lamerz" to start hacking, following an academic path is advisable because you don't just learn about what goes on inside a computer or how to program, you also learn to respect one another, which is something that just isn't learnt through video tutorials.
     
  23. kmguru Staff Member

    Messages:
    11,757
    To practice as a security professional, you need to be licensed as a private detective in a state you are in (for U.S. Professionals) which can be done by passing a state exam.

    As to skills and knowledge - you need to have a deeper understanding of hardware, software, network and programming. Computer forensics would be a good start. Then think like a crook so as to catch a crook...or protect from a crook.

    Please Register or Log in to view the hidden image!

     
Thread Status:
Not open for further replies.

Share This Page