Security Basics mailing list archives

RE: Security Evaluation Project


From: "J. Yoon" <supercool9000 () hotmail com>
Date: Wed, 04 Feb 2004 15:14:20 -0500

Correct me if I'm mistaken but it sounds like a degree in "Info-sec assurance" targets a management-level job rather than those entry-level security admin jobs. While I was at a seminar studying for CISSP a while ago, I was told that most jobs dealing with 'assurance', 'creating policies', 'assessments' are more geared towards the management aspects whereas certifications like Security+, CCSA, etc. are more for those who want to be in the trenches.

Anyway, if you want to get into the details, it should come a lot easier than learning from scratch since you already know the theory behind it. In my opinion, it might be easier and beneficial to your career if you study toward a certification of some type at each stage below, just for the sake of having the credentials.

- To satiate your immediate needs, grab a copy of a book such as the "hacking exposed" series and follow it step by step (without breaking any laws, that is) then get a book that teaches you more details on how to counter those attacks. If you can get a unix account, it will help a great deal.

- get yourself AT LEAST 2 more computer(s) and 2 more nics (and also get a wireless nic). you don't need anything more expensive than $100 ~ $400 bucks since it won't be used for anything graphic or processor-intensive. last one I paid for was cheaper than my shades.

- install several flavors of linux... some are freely downloadable. mandrake and freebsd seem to be the popular choice among people in the security field. in my opinion, knowing Unix inside out & knowing how to program/manipulate shell scripts is crucial... just the same as a mechanic should know how to fix something as simple as a flat tire.
(go for linux+ cert)

- on your existing comp, say goodbye to any win 95/98/ME if you have those installed. I won't go so far as to say it's the most useless piece of O/S because we've all spent many fond golden years with it, but it sure is one of the most insecure. (if you have a good idea on how this OS works just go for an A+ cert.)

- get a copy of Windows nt/2000 or xp professional or server versions. might cost a bit but it'll pay off in the long run. (all are based on NT technology, but for some reason XP has by default "simple-file-sharing" turned on so you have to disable that in order to take advantage of the full security features.)

- set up a home network. Don't just "get it working somehow", that's not the point. Try to understand how this whole TCP/IP thing works. As for me, I have a habit of deliberately changing the settings in the config just to see if I can recover it.
(a cram session book on network+ might help as well)

- also try setting up a network using different kinds of protocols such as IPX

- see if you can transform one of your computers into a router.

You can do this by installing 2 nics, configuring the ip addresses, and then clicking 1 checkbox in Windows NT series. Learn to do the same using linux.

- Then download linux-router, freesco to learn how to configure those as well.

- get a copy of checkpoint firewall-1 trial version
and learn to configure a stateful inspection firewall.
(might get you qualified for ccsa certification)

- learn to set up your own servers, smtp / web server / ftp server /
(look into server+)

- set up NFS, samba, etc.. basically, the idea is to turn on all your computers at the same time
and try to get all your operating systems to work together.

- then go back to one of your favorite hacking-related books and relearn the techniques on ALL the platforms you've just installed, including using different types of scanners, enumeration methods, backdoor kits, etc. install and learn to use all of the software mentioned in all security books.

- use software like a network monitor / sniffer and get into the habit of looking at packets in transit, get familiar with how things look. you'll be surprised how much information's sent in the clear (plain text)

- look into PGP, openssh, tcp wrappers
- See if you can find ways to brute force crack any of your passwords.
For starters, save MS Office document with a simple password and bruteforce it.

- LOCK DOWN: change the default security settings on each OS, install patches, plug all the holes, and disable unnecessary services, configure firewall/router to default-deny mode, allow only the services you understand and want to let through.

- if you're really up to it, get another router / network kit and build something like a dual perimeter network. this is a bit more complex but an exciting thing to try. (look into "Building Internet Firewalls" by O'Reilly)

hope this helps a bit...Good luck.
