| |
| |
| |
|
<shadow98> hey guys I wanted to ask some of you about how someone would go about becoming a security consultant and doing most of work from home....penetration testing and things of that nature
<shadow98> I currently am a network admin with a company but I would like to start trying to do my own thing from home....and network security is something that interest me the most
<servicepack> good morning
<servicepack> feel free to ask a question
<shadow98> good morning
<shadow98> is anybody on this channel an security consultant...
<servicepack> also i'd recommend a sans.org course on pen testing (i think they call it vulnerability ***essment)
<servicepack> shadow98, most are, the rest are security aware network admins
<servicepack> the sans course will teach you tools and technique.
<shadow98> im somewhat security aware but not complete
<servicepack> also I'd recommend find a mentor or working in that capacity with someone else for a while
<servicepack> there is alot of experience that needs to be experienced
<shadow98> i need some more knowledge...i mean I setup our firewall and configure a few things like that...but i know there is a lot im missing
<shadow98> ive also setup a freebsd based firewall here at home..
<servicepack> a firewall and vulnerability ***essment have little in common
<servicepack> you need to learn about operating systems kernels and services
<servicepack> how to exploit and patch them
<servicepack> then you will be useful to someone wanting that service
<shadow98> where do you find most of your info...???
<servicepack> i've been doing this for 7 years and I still don't know all there is
<shadow98> i mean is there a site to start reading
<servicepack> www.infosyssec.com has a ton of cr@p
<shadow98> i need a starting place
<shadow98> thanks
<servicepack> also take the sans.org course
<servicepack> track 4 i believe
<shadow98> is security+ worth getting?
<servicepack> also i believe there is a mailing list called pen-testing on bugtraq
<servicepack> you may want to skimm off that too
<servicepack> shadow98: yes any certification is worth having. but there is alot more to it then security+
<shadow98> well i wanted to get on track to get some certs...should i start with security+....i mean i have to have something under my belt to show some credit..
<shadow98> i wouldn't think a company would just hire me off the street if i say well i have taken the sans.org track 4 and read some books and what not...
<servicepack> wrong
<servicepack> sans track 4 is worth more to a real security operation
<servicepack> it is the best move you can make (both professionally, and for the knowledge and simulated experience you seek)
<servicepack> i'm outtie bye bye
<shadow98> should i start off going through all the tracks
<shadow98> 1,2,3,4 etc
<busket> s
<Kryczek> s
<m4z> z
<web_knows_> sup
<Kryczek> hey guys, i got a funny question
<Kryczek> you guys know about Wake-on-LAN ? Just send some special packet to boot a computer that supports WOL
<Kryczek> now
<Kryczek> would that work over wifi? :D
<d0d63> dunno... It's a combination of a funny packet (forget the specifics), but also a function of the network card.
<d0d63> So, see if you can find a wifi nic that supports wake-on-lan, and you're golden. I guess.
<foo_> any idea which OS's replies with ACK when they receive a TCP SYN/FIN segments and other weird combinations?
<m4z> hmmm, nmap might...
<m4z> never actually found a paper listing that kind of stuff
<Kryczek> foo_: you have that kind of stuff in the OS fingerprints database of Nmap
<Kryczek> d0d63: yeah, i looked on google for wifi cards that support WOL prior to asking, but apparently there are none or only a few
Return to security
or
Go to some related
logs:
canada
gentoo transparenz
beginner
kelinflip
|
|