FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


how to get started in IT security....





teko
Sorry I didnt know where else to post this...

This is a question for any security professionals who might frequent these pages...

how does one go about getting into area or whats the best way to go about it?

I work in IT and have always had an interest in IT security and would like to start working with it more only I dont have much experience.

I guess the best way to get started is to start working in it but for that you probably need experience...

Other than that I was planning on setting up a home network of different OSs to learn about the different ways to secure and harden different OSs.

I guess for the time being I could ask in my own company if its possible to get into more security oriented role too.

anyway any help or advice would be appreciated
crdowner
Security can cover several areas. Do you want to protect perimeters using firewalls, etc.? Do you want to protect systems by locking down operating systems? Do you want to protect files by managing security to file systems like NTFS?

What you outlined in your posts sounds like a good start. If your current employer will let you get some experience, that will help you a lot.
cosmicx
yeah...security covers a lot of fields and what I am quite interested is about cryptography...
it has a lot of algorithms, and it is very good especially to encrypt your message and transfer them in a better way...
haha, try to learn some hacking technique, I suppose it will be helpful to widen your knowledge in this field too Smile
minty
As the other posters have mentioned there are a lot of fields that security covers.

Infrastructure (network hardware)
Network Monitoring/Protecting (hardware/software)
System Security (hard-drive encryption)
Operating System Hardening (AAA [Authentication, Authorization, Accounting])

Many many more...

Pretty much, you can implement security into any IT project including web-development, any application development, OS deployment/administration, Netw equipment deployment/administration.

Study for and pass the Security+ exam to give yourself a very broad aspect of what all is included in the security field. Afterwards, decide where your strengths are strongest. (ie: mine is in network infrastructure), and look for a way to implement security in that area at your current job. Use a couple of VMs and create a Virtual Network and practice/enhance your security knowledge.

Good luck, have fun, and remember be responsible. Security can be a double-edge sword. Be sure to keep everything ethical, especially if you want to be able to get into the security field. If your integrity is questionable good luck getting in!

--minty
teko
Hi all,

thanks for the posts, I stopped looking at this after a week or two as I thought no one was going to answer.

I guess my interest lies in unix/linux. So I would be interested in unix security. Im currently saving to get a machine with enough memory to run vmware to setup a security lab at home. I think I will aim for one of the security certs or one with a lean towards networking for a start. I think its good idea to have a good grounding in networking and then build up my experience with hardening unix security.

http://www.cl.cam.ac.uk/~rja14/book.html

I found this book online too which seems to give a great overall view of security engineering and am reading chapters out of this bit by bit.

Ethical hacking sounds kind of fun and seems a good way to start learning with different OSs running on vmware.

Anyway thanks again for your posts
minty
In that case I would start at the very foundation. Learn the computer hardware/software. A great way for this is by going for your A+. Next, go for the Net+, Linux+, Sec+, and finally CEH (certified ethical hacker).

I encourage you to go after these certs just b/c they never expire and b/c employers like to see certs, especially if you want to head into the consulting industry. However, experience always pay more than any cert/degree that you may earn, therefore, just be sure that you understand what is required within the domains of each cert and experiment like crazy with your VMs.

Again good luck and have fun.

--minty

BTW: I followed your link and I downloaded all of the chapters to the Security Engineer book. Thanks for the reference.
teko
dont thank me Minty thank the author for distributing his book for free!
Related topics
Novell acquires Linux security company
*OFFICIAL* Which Browser do you use?
Bogus Microsoft Security Update Circulates
php nuke - a wesome CMS
XAMPP - All-in-One WebServer package
Security website
New Netscape sizzles with security
Just curious... what's your folks' business model?
Booting time
Security and Technology Website
Windows most secure OS?
All internet programs crash when started
Prevention, detection, and cure: 12 free security programs
Will Canada get a seat on the Security Council?
Reply to topic    Frihost Forum Index -> Computers -> Operating Systems

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.