Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
cyber-security engineering career
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
kamilsok
n00b
n00b


Joined: 02 Mar 2010
Posts: 57
Location: Gdynia

PostPosted: Tue Oct 09, 2012 5:21 pm    Post subject: cyber-security engineering career Reply with quote

Hello

I'm thinking about shifting my career a little from sys admin/developer to system/network security engineer but, as with most topics, web resources are very broad and it's hard to filter quality ones from the "mob".

I would like to ask You guys about career paths, required skills, good learning resources and any type of tip that You can find?
_________________
"If you are using Linux as a development platform, do not skip first learning administration and security. It is a foolish programmer indeed who is not master of his or her own computer"
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere

PostPosted: Thu Oct 11, 2012 1:45 pm    Post subject: Reply with quote

In my former career as a professional hacker (programmer, whatever), I was entirely self-taught in whatever I did at the moment, and I learned by doing. Some book learning was useful, but mostly, it was just doing stuff and getting my hands in the dirt.

Best of luck. :)
_________________
decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Fri Oct 12, 2012 11:46 am    Post subject: Reply with quote

I would start by working with and understanding the different security protection models you can implement. The easiest way to do that would be to set up a few virtual machines, and experiment with their setup and configuration, within a virtual network. Then run security-scanners against them. I take it you're familiar with use and administration of hardened gentoo: you should be running that as your main machine, so that you're familiar with it on a day-to-day basis, and always up-to-speed with its administration. Hang out in their IRC channel, and sign up to their mailing-list.

You should definitely know SELinux and pax-utils very well, and understand Linux Security Modules well enough to work on them. Be prepared to do a lot of research, and make sure you understand netiquette.

Once you've got some knowledge about use and administration, start to contribute to a project, firstly just by trying to fix configuration and usage bugs that you find, things that annoy you. Keep up to date with security mailing lists and vulnerability lists like CVE, and try to understand the different attacks that you see, then start thinking how you can patch software before anyone else does, to make it more secure for everyone: that will help you build a reputation.

Beware of the temptation to crack systems: it's a negative path, and won't take you anywhere good in your life.

Personally I have a high regard for grsecurity which is the umbrella project that pax-utils is part of.

If you find IRC or mailing-lists a bit bruising (they can be) just /join #friendly-coders on chat.freenode.net for a sanctuary and somewhere you can ask for further explanation of what those asshats were on about.. ;)

You won't get there overnight, so take it easy and enjoy the journey :-)

Good luck,
steveL.
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere

PostPosted: Mon Oct 15, 2012 10:27 pm    Post subject: Reply with quote

steveL wrote:

Beware of the temptation to crack systems: it's a negative path, and won't take you anywhere good in your life.



++

Know the difference between cracking and hacking. Know how to perform the former so you can say on your resume you know how to stop it. Know how to do the latter so you can say on your resume you're good at improving system security and making things more efficient.
_________________
decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum