Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Thinking about a career !?

  1. Home
  2. Forum
  3. Hacking in general
  4. Thinking about a career !?

ghost's Avatar

ghost

0 0

Im thinking about taking up schooling to get a career in Hacking . Something in the nature of network security along the lines of breach response and detection / prevention of hackers . I hope this is a clear enough depiction of the line of work i would like to get involved in ?

My question and reason for this thread , is to gain some knowledge on what i would need to learn in order to obtain the abbility of performing the necesary tasks of hacker / cracker detection and prevention ? I know learning as many languages as possible is key and number one , for knowing how to see irregularities .

Visual Basic , Visual Basic.net , C# , C++ , HTML , Javascript , PHP Linux , asp.net , CSS , Apache , MySQL , Python , Perl , etc.

What else would be key to starting in this direction of a career ? Also does anyone know of reputable companies that perform this ?

Im looking to start some college classes i was just wondering what would be some good classes to take . Theres is a technical campus in my area offering "Information Security Systems 101" i was gonna start there . I go monday to see what they have to offer for this .

What do people think about Certified Ethical Hacker certifications ? Are they worth the money to go through with . I have looked up different cisco certified courses that seem very good to get into .

Thanks for your help .

Neqtan


ghost's Avatar

ghost

0 0

I don't really thing there are bad course, just focus on what you want to learn and try to go as far as you can in your study.

On the marketplace, there aren't anything called hacker, it's more "Security Professional". Also go see the career orientator, if there is one at your college. This is the guy/girl to see if you need help in planning your career.


ghost's Avatar

ghost

0 0

Thanks for the response . Yeah ill check into the Guidance counselor .

The thing about studying everything i need to know is the hard part . I dont exactly know what i need to know right now . So i was trying to get a little insight as to what a " Security Proffesional " would have to know and be capable of !?

Also has anyone gone to any CEH or LPT courses and are there any reputable companys that someone could suggest to me ?

I found so many different ones ( Witch some of arent cheap ) .


ghost's Avatar

ghost

0 0

Well, if you're interested in more of prevention of hackers and computer security, instead of say, website security. I think you should start with C++. In my opinion, it's a good language to start with. But I think before you start taking any courses, find out what exactly you want to do, then figure out what would be the best suited for that. So if you are planning on going ahead with computer security, I would start with C++.


ghost's Avatar

ghost

0 0

Yeah ill check into the Guidance counselor.

They don't know jack shit about IT. They'll usually tell you to major in Computer Science, since it's the only computer related career they know.

If you want to get into network security and end up landing a job with an agency then do (to my opinion):

Electrical Engineering

  • Electromagnetics and Optics
  • Communications
  • Control Systems
  • Space Science and Remote Sensing
  • Physical and Quantum Mechanics
  • Power and Energy Systems

Computer Engineering

  • Computer Architecture
  • Operating Systems
  • Integrated Circuits
  • Artificial Intelligence
  • Robotics & Mechatronics
  • Software Engineering

Network/Computer/Web Security

  • Building and Information Protection
  • Cryptography & Steganography
  • Incident Handling: Malware Research
  • Business Continuity & Disaster Recovery
  • eCommerce and Web App Security
  • Operating Systems Dev. & Security

Pick your niche early (ASAP) and get good at it fast! And later on you can even do consulting (which, by the way, will get you a shitload of money!!).

CISCO is a good certification, but it costs a shitload of money, and you're not guaranteed to pass. The troubleshooting part is what most people fail at. The written test is easy, if you study hard for it. But overall, if you only pursue CISCO, you'll be limiting yourself to ONLY dealing with CISCO Networks for the rest of your life; unless you switch (which might be hard) considering age/money.

Good luck.


ghost's Avatar

ghost

0 0

The Niche for me is :

Network/Computer/Web Security

  • Building and Information Protection
  • Cryptography & Steganography
  • Incident Handling: Malware Research
  • Business Continuity & Disaster Recovery
  • eCommerce and Web App Security
  • Operating Systems Dev. & Security

All of these are right up the alley of what i would like to do . I think bieng rounded for computer and web security is good considering so many corporate based networks also have parts of themselves on the web as well witch sometimes in ways are or can be interconnected with the inter network as well , am i wrong ?


ghost's Avatar

ghost

0 0

Wow, this is a loaded thread… so, I guess I'll just pick somewhere to start and go from there.

As far as certifications, the CEH is not considered as desirable to employers as the CISSP or other (ISC)2 certifications. Also, I've heard from a number of people that the CEH is more oriented towards memorizing switches and options to popular "hacking" programs; that being said, the CEH seems to only be valuable if you work in Penetration Testing. If you're starting out in the IS field, it won't really help.

Neqtan wrote: The Niche for me is :

Network/Computer/Web Security

  • Building and Information Protection
  • Cryptography & Steganography
  • Incident Handling: Malware Research
  • Business Continuity & Disaster Recovery
  • eCommerce and Web App Security
  • Operating Systems Dev. & Security All of these are right up the alley of what i would like to do . I think being rounded for computer and web security is good

Being well-rounded in Information Security is good, don't get me wrong. However, to have a clear path of success, you want to specialize and become strong in one aspect of that field. Your above interests are better grouped as follows:

Administration Duties

  1. Operating Systems Dev. & Security
  2. Business Continuity & Disaster Recovery
  3. Building and Information Protection (?)

Web Administration Duties

  1. eCommerce and Web App Security

Information Security Analysis

  1. Cryptography & Steganography
  2. Incident Handling: Malware Research

Choose one of the paths underlined above and devote the majority of your energy to that. For starting out in the IS field, I would recommend the first one, since a solid understanding of networking is key for any later growth.

…considering so many corporate based networks also have parts of themselves on the web as well witch sometimes in ways are or can be interconnected with the inter network as well , am i wrong ?

No, you're not wrong. Corporate networks have web-accessible servers contained within a DMZ, or de-militarized zone, which is composed of a firewall on each side of the web server. The firewall facing the web allows web traffic and any traffic that needs to reach the internal network, while the firewall facing the internal network is more strict on what to allow (only allowing what is needed by the internal network).

Classes teaching Information Security and Networking progressive learning are the way to go. For certifications, you need to start with a Network+ and Security+ to get a good basic grasp of concepts. From there, you will eventually want network hardware-specific certs (CCNA, CCSE, etc.), maybe a few OS-specific certs (Linux+, LPI, RHCE, MSCE - Security), and more (ISC)2 certs.

Start at the beginning and work your way up. The key is specializing early. Also, absorb any and all security-related information that's given to you. A good source of this would be the SecurityFocus mailing lists; the best one to start with is the "Security Basics" list.


ghost's Avatar

ghost

0 0

Very helpfull sir , much appreciated . This is the course im looking at :

http://www.itt-tech.edu/teach/list/iss.cfm

Im going to the local campus Monday to get started with this .

I do agree that the first underlined field would be best . Admin Duty .

Thanks for the heads up on CEH ill definately look around for the other courses you mentioned .

I signed up to the mailing list at security focus .

Thanks alot to you and netfish for helping me focus my direction . So the course i was looking at this whole time was a good start .

With the information youve given me my list now looks like :

GOAL =

Administration Duties :

  1. Operating Systems Dev. & Security
  2. Business Continuity & Disaster Recovery
  3. Building and Information Protection (?)

STEPS =

1.Classes teaching Information Security and Networking 2.network hardware-specific certs (CCNA, CCSE, etc.), 3.OS-specific certs (Linux+, LPI, RHCE, MSCE - Security), 4.CISSP or other (ISC)2 certifications .

Thanks again . Neqtan


ghost's Avatar

ghost

0 0

Neqtan wrote: Very helpfull sir , much appreciated . This is the course im looking at :

http://www.itt-tech.edu/teach/list/iss.cfm

I heard that ITT is decent. The one thing to be wary of with ITT is that the majority of their credits DO NOT transfer. This means that, if you have to switch schools for any reason, you will most likely be stuck re-doing a lot of classes. Still, if you don't see that being a possible problem, then go for it… it looks like a decent degree. Also, remember to augment your studies with personal research and work; don't just rely on the school to toss you everything you need.

Also, some good advice would be to consider all of your college options before you jump into a 3-year or 4-year degree program. You want to make sure that the one you start on is the one you will want to finish.

With the information youve given me my list now looks like :

GOAL =

Administration Duties :

  1. Operating Systems Dev. & Security
  2. Business Continuity & Disaster Recovery
  3. Building and Information Protection (?)

STEPS =

1.Classes teaching Information Security and Networking 2.network hardware-specific certs (CCNA, CCSE, etc.), 3.OS-specific certs (Linux+, LPI, RHCE, MSCE - Security), 4.CISSP or other (ISC)2 certifications .

That looks pretty solid. Just make sure to get your certs in the order that you end up needing / wanting them; don't feel like you're locked into getting all of your OS-specific certs before your (ISC)2 certs, for instance. Oh, and good luck! :)


ghost's Avatar

ghost

0 0

hacking areas id get into if i were you and planning this sort of career:

all web hacking enumerating machine architecture and OS architecture app cracking LOTS of programming languages rooting(BoF, format string, ?double free?) network security and layout wireless authentication and security possibly more

good luck ^^


ghost's Avatar

ghost

0 0

mr noob wrote: hacking areas id get into if i were you and planning this sort of career:

all web hacking enumerating machine architecture and OS architecture app cracking LOTS of programming languages rooting(BoF, format string, ?double free?) network security and layout wireless authentication and security possibly more

good luck ^^

Well, yeah, if he wants an occupation as a Penetration Tester or a "part-time Hacker", then that would be fine. For a real world entry-level IS job with potential for growth, he has to get a more well-rounded understanding of IT.


ghost's Avatar

ghost

0 0

im just outlining stuff for a "Computer Security Specialist" etc :)


spyware's Avatar

spyware

Banned
0 0

mr noob wrote: im just outlining stuff for a "Computer Security Specialist" etc :)

There's a lot more to Computer Security specialism than Computer Security.


ghost's Avatar

ghost

0 0

key word being outlining? seriously spyware its like youre shadowing me criticising every little thing i say O.o


ghost's Avatar

ghost

0 0

mr noob wrote: key word being outlining? seriously spyware its like youre shadowing me criticising every little thing i say O.o

No offense, but the criticism was deserved. There is a HUGE difference between a hacker / penetration tester and an information security specialist. Oh, and the criticism is not personal, by any stretch… there are a number of people that think penetration testing covers all of Information Security.


ghost's Avatar

ghost

0 0

i did include programming in there lol and not worth mentionning again the stuff other people have already put


ghost's Avatar

ghost

0 0

Zephyr_Pure wrote: I heard that ITT is decent. The one thing to be wary of with ITT is that the majority of their credits DO NOT transfer. This means that, if you have to switch schools for any reason, you will most likely be stuck re-doing a lot of classes. Still, if you don't see that being a possible problem, then go for it… it looks like a decent degree. Also, remember to augment your studies with personal research and work; don't just rely on the school to toss you everything you need.

Yeah i am aware that there credits dont tranfer ! That kinda sucks . I do intend on completeing the course so it wont be to big of a deal . Thats is as long as the credits from them are also acknowledged along side what ever other certs i get like isc2 to back it . Yeah i know that i need to do my own work at home and not just rely on the schooling . Im just wanting the schooling to help me through the basics for understanding , that way i can polish the rest !

Zephyr_Pure wrote: Also, some good advice would be to consider all of your college options before you jump into a 3-year or 4-year degree program. You want to make sure that the one you start on is the one you will want to finish.

Yeah im deffinately dedicated to this and it is set in my heart that this is the type of career i would feel best suited in !

With the information youve given me my list now looks like :

GOAL =

Administration Duties :

  1. Operating Systems Dev. & Security
  2. Business Continuity & Disaster Recovery
  3. Building and Information Protection (?)

STEPS =

1.Classes teaching Information Security and Networking 2.network hardware-specific certs (CCNA, CCSE, etc.), 3.OS-specific certs (Linux+, LPI, RHCE, MSCE - Security), 4.CISSP or other (ISC)2 certifications .

Zephyr_Pure wrote: That looks pretty solid. Just make sure to get your certs in the order that you end up needing / wanting them; don't feel like you're locked into getting all of your OS-specific certs before your (ISC)2 certs, for instance. Oh, and good luck! :)

Sounds like good advice . Thanks for the heads up and luck !

Neqtan


ghost's Avatar

ghost

0 0

I was thinking about what i should start as personal work towards this career goal . Im currently learning Visual Basic as a starter language . What would be some other good topics and or languages to learn ?

Ive been searching for a relevant article on how the internet & networks work . But most of them are kinda corny and vague . Im convinced im not using the right search queery to get the results i think i want . Ill keep trying different wordings in my queerys . Id like to start learning the whole ins and outs of how the information is sent ! What happens inside the computer when sending a piece of information from the PC to the Internet or to the Network , what does the computer do with the info on its way to becoming a packet from start to finish . Then also what a packet does on route to its recieving destination . Then how this is relevant to hacking and manipulation of these routines .

Anyone know of some online topics that thouroughly explain these ?

Peace , Neqtan