SOCNET

#61
9 March 2015, 19:32
Atrax
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
Roger that on the tech aspect, I get that it's largely management focused and probably markets to the abovementioned IT folks seeking mobility. I've got about 9 months of post 9/11 GI Bill left, and am shopping around on how to use it. Given that it's Georgetown, online, and in a field of interest I thought I would at least give it a look. Thanks for the feedback.
#62
10 March 2015, 11:30
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Don't let any of that discourage you. Just know that it won't be as heavy on technical. If you're looking for that, certifications are an easy way to fill the knowledge gap. Good luck, and let us know how it goes.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#63
11 March 2015, 18:37
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Someone asked if I had a common set of tools that I use. I replied that it really depends on the type of engagement. Here's a very broad list that I can think of off the top of my head that are common to me every day. Again, it really depends on what you're doing. If it's a web-app test, a lot of my time is spent in Nmap and Burp. If it's an internal network test, then a lot of time could be spent in Metasploit. You get the point. Ask questions if needed.

Kali Linux: an entire *nix distro canned with a ton of pre-installed tools--many of which are listed here anyways.
AppDetective: for databases
BurpSuite: Website vulnerability scanning and exploitation
WebInspect: Website vulnerability scanner
Nessus: Vulnerability scanner for servers/workstations/networks
Nikto: Public web server vulnerability scanner
Scuba: Database vulnerability assessment tool
Nmap: Port scanning tool (and more if you know how to use it).
Wireshark: Network protocol analyzer and packet capture utility
Nipper: Router/Switch configuration utility
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#64
10 April 2015, 10:03
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Someone asked how to learn to use the tools. There are many OS distributions out there that are purposefully set up to be vulnerable. You load these as a virtual machine, and go to town.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#65
2 June 2015, 10:02
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
SCADA (supervisory control and data acquisition)

Prompted from another user's question to me privately...

I won't regurgitate the description, so feel free to read all about it here on Wikipedia: http://en.wikipedia.org/wiki/SCADA

In brief, SCADA systems are centralized systems that manage things like command and control of large industrial assets. Think: power-plants, water facilities, and other large industrial systems.

In the security field, there are folks that specialize in SCADA. I am not one of them, but I know enough to speak with some authority on them. A lot of infosec folks who work SCADA come from an industrial security background, or otherwise have a lot of intimate knowledge about the industry.

As far as the work-field, Department of Energy is a good landing place for those with knowledge of SCADA, as well as any of the large energy co-ops or manufacturing firms.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#66
7 July 2015, 19:05
Overland
Confirmed User
 
Join Date: Apr 2000
Location: USA
Posts: 729
Thank you for this thread, CV. One of the better resources I've seen.

How much beer would be required for a similar thread for people new to networking? Digging through Network+ right now (hey, it's free through work) and I'm really enjoying it but I know I'm missing a hell of a lot.
__________________
Illegitimus non carborundum.

"Stop quoting laws. We carry swords."

Last edited by Overland; 7 July 2015 at 19:05. Reason: Stupid wording.
#67
8 July 2015, 06:47
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Quote:
Originally Posted by Overland
Thank you for this thread, CV. One of the better resources I've seen.

How much beer would be required for a similar thread for people new to networking? Digging through Network+ right now (hey, it's free through work) and I'm really enjoying it but I know I'm missing a hell of a lot.

Toss me your questions. I can help you out.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#68
27 August 2015, 09:30
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
I'm going through the eCPPT certification content. It's pretty solid, and I really like the exam certification process (practical exam, based on skills--not multiple choice answer fuckery).

I would put this between the CEH and the OSCP. For people looking to climb the ladder in penetration testing, I would recommend CEH > eCPPT > OSCP. If your organization will pay for it, go for GPEN (SANS) > eCPPT > OSCP.

Anyways. I'm pleasantly surprised at the depth of the content, and the quality of the labs. If you have a solid background in information systems/networking, you can jump into this and spend time learning the content. The price is fair enough that you can likely afford it without much help.

https://www.elearnsecurity.com/certification/ecppt/
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#69
21 January 2016, 11:45
Dre
Registered User
 
Join Date: Sep 2007
Location: Las Vegas
Posts: 8
Western Governors University

Hello all,

My objective is to get a degree in information technology with an emphasis on security, with the end goal being a career in IT Security.

I am reaching out to see if anyone that has any experience, knowledge, or insight into the IT-Security BS program at WGU would care to share.

In addition, I would love to get the opinion of anyone currently in the field as to the viability of my plan to enter the career field via an education in IT Security from WGU (or any other university).

How important is the Bachelors degree vice industry certifications?

I assume that a combination of both is ideal?

I plan on going with option C (listed below) and am currently reviewing the list of transferable certifications but I am not 100 percent certain as to which one would be best to start with.

In order to qualify for admissions into the program, students must have one of the following:

a) 3 years of IT work experience
b) an associates degree in IT
c) IT certification

The list of qualified certifications is available at the following web address:

http://www.wgu.edu/admissions/it_certifications


I am asking for a lot of information, thanks in advance for any time spent in response. If there is ever a way for me to help anyone on this board, I will do so.
#70
21 January 2016, 13:44
assertnull
Confirmed User
 
Join Date: May 2011
Location: SE Texas
Posts: 3,058
Quote:
Originally Posted by Dre
In addition, I would love to get the opinion of anyone currently in the field as to the viability of my plan to enter the career field via an education in IT Security from WGU (or any other university).

How important is the Bachelors degree vice industry certifications?

I assume that a combination of both is ideal?

A massive "it depends".
Infosec is fairly...broad?

There are roles that require an in-depth understanding of code, and ones that do not. The ones that do, unless you're the type of savant that can pick up the K&R ANSI C book, dick around with a few open source projects, and find yourself doing useful debugging relatively quickly and easily, you'll find a structured program (such as a bachelors program) much more conducive to picking up the skillsets you need.

For the roles that require little more than a surface understanding of different languages, exploits, etc, you may find such a structured program unnecessary, and be able to build a minimalist set of skills that will get your foot in the door - for shit pay, but one bullshit generalist cert (like the CISSP) and 2 or 3 years' experience, after which you snag a cert that demonstrates real tangible proficiency, you should be cooking, and able to pick up an infosec gig for not-so-shit pay (not within the same company, obvs, big pay jumps from entry level rarely happen abruptly within the same company). So as a hypothetical, you snag a CISSP, snag a linux cert, work a year or so for a web hosting company - who are notorious for a high turnover, minimal required credentials, and paying jackshit, but give you a real eyes-on into servers getting owned - use the cash to bankroll more intensive cert programs, then make the leap into either the consumer or vendor side (my entire career has been the vendor side).

The "it depends" includes your tolerance for debt, too. If someone else is funding this, sweet. This field is fairly unique in that there *is* a career path for people who don't have a degree. Personally, I have zero certs (though I've spent a silly amount of time reading various certs' coursework), and no degree (but enough credit hours for a fucking bachelors+masters...don't ask).

Had I won the Powerball jackpot, I'd probably go back to school, and not just for the sake of perving on coeds, there are some things I think I could learn that would benefit my career even now with 12+ years under my belt. But I have 12+ years under my belt, and have managed rather nicely without either.

Quote:
Originally Posted by Dre
I plan on going with option C (listed below) and am currently reviewing the list of transferable certifications but I am not 100 percent certain as to which one would best to start with.

The cert - or certs - *I'd* suggest snagging, depend on what your current skill level is. If you're network-illiterate, and don't have a reasonable understanding of How The Internet Works, the CompTIA certs tend to be the easiest to work through, and the Network+ would be a good base to start with. Perhaps Network+ followed by the CISSP, and if you can comfortably ace both, you should have the very basics down *just to get your feet wet*. Still a shitload to cover - I would not hire someone who only had those two certs and no experience, I'm suggesting those two as a base for not being completely overwhelmed should you pursue the bachelors (or even the self-teaching route wherein you simply acquire a massive stash of certs and work experience).

Others may have different opinions - my path in this career has been fairly unique. But that's what comes to mind offhand.
#71
21 January 2016, 14:46
jerome
Confirmed User
 
Join Date: Nov 2000
Location: OCONUS
Posts: 289
This is for your security track not development or anything db related.

To get into the program, get one or both of the following, in order: Network Plus and Security Plus. Those are not hard.

Definitely a Bachelor’s degree in anything remotely related to computers, I believe it has a level of maturity. The one thing I have noticed is IT guys with degrees tend to deal with politics and silliness better than the IT guys with no degrees, but that is for a different thread. I just read the program you’re interested in and you will not dive deeply into anything. So intend to obtain the CISSP or CISA or CISM when you are close to finishing or shortly after.

In your time off, download VirtualBox, create Linux images and learn Linux, command line, bash, python, as much as you can. With VirtualBox you’ll understand VMs and how a lot is going virtual now. Once you are comfortable with Linux and the security aspects of Linux, move on to learning Wireshark, Snort and Bro IDS. This route you’ll learn how to understand network traffic, understand and maybe create signatures, identify malicious traffic besides what shows up in a SIEM and maybe recognize an indicator of a compromise. This might sound like a lot but it’s really not, and you will run into hard problems. Feel free to break stuff and make mistakes.

If your brain is tired, watch TV and play with Wireshark, Sysinternals or Sleuth kit to understand malicious stuff on a system, just system activity, or maybe recognize an indicator of a compromise. Don’t try to learn it; just play with it. Figuring out what it’s telling you is key.

Your degree will teach People, Policy, Procedures but not much on Technology. You’ll be in a good place at this point.


VirtualBox free
Linux free
Snort free
Bro IDS free
Wireshark free
Sysinternals free
Sleuth kit free
Google GRR Free

I’m tired of writing this and hope it helps.
__________________
I don't care if I follow your rules. If you can cheat, so can I. I won't let you beat me unfairly I'll beat you unfairly first. -Ender Wiggin

"When policemen break the law, then there isn't any law - just a fight for survival." - Billy Jack
#72
21 January 2016, 14:59
jerome
Confirmed User
 
Join Date: Nov 2000
Location: OCONUS
Posts: 289
Simply because it’s required, watch Hitchhiker's Guide to the Galaxy and be able to use any line from the movie in any meeting you are in. Pay attention to who gets it and who doesn’t. The more serious the meeting the better.

Know Doctor Who and the supporting objects and characters.

To gauge your IT progress watch the movies below before and after your program.

Hackers
WarGames
All the Matrix movies
The 1982 Tron only.
__________________
I don't care if I follow your rules. If you can cheat, so can I. I won't let you beat me unfairly I'll beat you unfairly first. -Ender Wiggin

"When policemen break the law, then there isn't any law - just a fight for survival." - Billy Jack
#73
21 January 2016, 15:11
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
Depends what you want to do. It's hard to tell someone not to get a degree, but it's far from required. I manage a team and have no degree.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#74
21 January 2016, 17:56
jerome
Confirmed User
 
Join Date: Nov 2000
Location: OCONUS
Posts: 289
Quote:
Originally Posted by CV
Depends what you want to do. It's hard to tell someone not to get a degree, but it's far from required. I manage a team and have no degree.

My intention was not to come off as having a degree is better or being disrespectful. It's just different. The self taught IT staff I observe tend to be more demanding.
__________________
I don't care if I follow your rules. If you can cheat, so can I. I won't let you beat me unfairly I'll beat you unfairly first. -Ender Wiggin

"When policemen break the law, then there isn't any law - just a fight for survival." - Billy Jack
#75
21 January 2016, 18:14
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
No, I didn't take it that way. I just wanted to show how in this field, having one is not necessarily a requirement. If you can get the degree, go for it. It's always easier to get past HR folks with one.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#76
21 January 2016, 18:34
MountainBum
Vivat Fraternitatis
 
Join Date: Apr 2004
Location: OCONUS
Posts: 877
A few thoughts.

- You may want to head over to the TechExams forums where WGU is discussed on an almost daily basis.

- Take the following as just one random dude's perspective. As someone in a hiring-manager position at our small security startup - I'm not going to be impressed by a degree alone. I'd also like to see passion about the field in the form of a) you taught yourself how to code in say, C or Python and built [or contributed to] some infosec related projects or b) you went out and got some certifications and applied that knowledge towards doing independent research - then published it on a blog or other platform.

- Spend time at some free or low cost infosec conferences (BSides, etc.) to get a feel for the current landscape of the field and its challenges / pain points.

- Check out the netsec subreddit and start subscribing to infosec podcasts.

- There's a lot of noise in the infosec field - if you can immerse yourself in its various nuances through executing on the sum total of advice in this thread then figure out how to extract the signal from that noise and capitalize on it - you'll be well ahead of the curve.

- I realize my response exceeds the scope of your question but hopefully it sheds light on a path to becoming well rounded in the field, which should help you with your career prospects.

Good luck with your endeavors.
#77
21 January 2016, 18:42
CV
Authorized Personnel
 
Join Date: Apr 2003
Location: US
Posts: 7,628
To add to Mountainbum, it may also prove valuable to become a SME on some kind of sub-topic in infosec. You have to have an all-around mastery, but find something to specialize in. I have taken up SE and 802.1x (or anything wireless) as an example, but I can also perform tests on, say, web-apps. Make sense?

It's a weird field where experience and passion beat out degrees. Degrees can still get your ass in a chair though, so I want to make sure I emphasize that you don't necessarily need to exfil from school.
__________________
It's a hipster filter. Keeps your kind out. -Jimbo
#78
21 January 2016, 19:03
Fubar
Been There Done That
 
Join Date: May 2009
Location: South Fork Ranch
Posts: 3,641
Quote:
Originally Posted by jerome
My intention was not to come off as having a degree is better or being disrespectful. It's just different. The self taught IT staff I observe tend to be more demanding.

Off topic: Demanding? In what context? Whiny babies? Or more passionate and not easily controlled?
__________________
"The nice thing about Twitter, in the old days when I got attacked it would take me years to get even with somebody, now when Im attacked I can do it instantaneously, and it has a lot of power. You see some genius statements on Twitter. You see some statements coming out which are Ernest Hemingway times two." - The Trumpmeister
#79
21 January 2016, 22:53
Atrax
Confirmed User
 
Join Date: Sep 2005
Location: CONUS
Posts: 356
As I make my own tentative steps into the cybersecurity world, I've been making good use of FedVTE (https://fedvte.usalearning.gov/)

Lots of free coursework on a lot of the certifications discussed here. The catch is you need a .gov address or to be a veteran. As I am starting from the very bottom, I'm going through the CompTIA A+ material in the hopes of testing for the certification in the near future.
#80
22 January 2016, 03:27
Gray Rhyno
Authorized Personnel
 
Join Date: Feb 2005
Location: NoVa
Posts: 9,366
It's been my experience that a lot of the CompTIA courses out there are run as "boot camp" courses that expect you to already have some background in the topic. I've seen very few that are designed to take someone who knows nothing about computers all the way to certified. For example, there are questions on the A+ exam that ask about the internal components and workings of a computer, but I've seen plenty of A+ courses that do not take computers apart, they just show you pictures. I would hate to 1) spend the money for the test and fail it, or 2) show up at company X with a cert, but not know any practical skills.
__________________
"The most HSLD stuff ever taught was the basics. So-called 'advanced training' is often no more than the very fluid and expert application of those basic skills." - SOTB
All times are GMT -4.