How to obtain hands-on expertise in security
I have been interested in Internet security all my life. Currently, I am
attending UNC of Charlotte and am getting my Master's degree in Internet
security. I don't have any experience in security and was wondering what
I can do to become an expert in Internet security (i.e., set up a network at home
and try to hack into it)?
The best way to develop hands-on expertise in security is to grab the
hacking (and counter-hacking) tools that are so readily available on the
Web and use the heck out of them. You will also find the following books
extremely helpful in assisting you through this learning process:
McClure, Stuart, Joel Scambray and George Kurtz: Hacking Exposed,
Third edition. McGraw-Hill, 2002, ISBN: 0072193816.
Chirillo, Michael: He's written numerous books on "Hack Attacks," most
of which are worth obtaining and reading. Especially useful are
"Hack Attacks Revealed" and "Hack Attacks Encyclopedia."
Cole, Eric: SANS GIAC Certification: Security Essentials Toolkit
(GIAC). Que, 2002, ISBN: 0789727749.
Cole, Eric: Hackers Beware: the Ultimate Guide to Network Security.
New Riders Publishing, 2001, ISBN: 0735710090.
On the other hand, you will find that numerous Web sites -- including
many that are well-documented in the preceding books and on SearchSecurity -- are also great learning tools to help you
master this interesting and intricate field of professional activity.
Good luck with your efforts!
For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: The Catch-22 of infosec employment
Ask the Expert: Experience vs. certification in today's job market
Ask the Expert: The advantages of work-related security experience
This was first published in April 2002