Friday, August 24, 2012

Roadmap

I finished up with school a few weeks ago and have been unwinding a bit enjoying the rest of the summer. I have been contemplating on where to go from here regarding learning more about the InfoSec industry. I really want to just jump head first into things like penetration testing, forensics, and malware analysis but I think I need to brush up on some basics before I do that. I don’t want to jump into some of those topics and get overwhelmed and stall out. I plan on focusing this blog on the topics mentioned above after I cover some of the basics. I have an extreme interest in pen testing so that will probably be the main topic I focus on after I get up and running.

To help me I wanted to put together kind of a roadmap on what I want to learn. This has changed a few times over the last few weeks but I feel pretty good about it now.

Finish reading Counter Hack Reloaded
- I’m currently on Chapter 8 and so far it is a good read. Learning a lot about how attackers do the things they do

Study for and take the Network+ exam
- I see this as a good foundation going forward. I have a good grasp on Networking in general from my career experience so hopefully this won’t be terrible
- I will be using This Book to study for it

Study for and take the Security+ exam
- This is also to set more foundation going forward.
- I will be using This Book to study for the exam

Then I plan to start digging deeper and learn Metasploit.
- I will be using This Book to learn it.
- I also intend on using things like SecurityTube which has a Megaprimer on Metasploit

Learn Python
- It seems to be a language that is used quite heavily in the industry.
- One resource I will use is Learn Python The Hard Way but I also have a few books on O’Reilly that I have picked out.


I believe that is a good start and should probably keep me busy for the next 6 months to a year. I'm hoping to have 1 or 2 blog posts per month but it will depend on what kind of time I have.

Until next time....See Ya!!

School Update

Just wanted to put a quick update. I've been extremely busy with school, work, and family life so I haven't had much time to put into learning more about the InfoSec industry. That is about to change though. I have decided to not return to NC State to pursue my Masters in Computer Science. They offer almost no security related classes through their distance education program and that has had me conflicted for a few months.

After doing some searching I found a program that I am interested in at Western Governors University and they have a Masters in Information Security and Assurance. The school is accredited and seems legit from the research I've done so far. One of the things I like about the school is you basically learn at your own pace and when you know the material you can take an assessment to prove you know the material and you are done with that course. They have 6 month sessions and have a flat rate tuition ($3000) for a session no matter how many assessments you end up passing. That is a lot less expensive than most schools I've looked into. They also use some industry certifications as their assessments (CCENT, C|EH, C|HFI, GIAC G2700) so it would be good to come out of school with a Masters and some certs.

My plan is to take a year off of school and start learning more about the industry, I'm mainly interested in penetration testing, forensics, and malware. I'm hoping to post some of my experiences here over the next year on what I am learning and how I'm going about it. Another reason for taking a year off is we have our 3rd child due to arrive around the first of the year so there will be some life changing going on. Hopefully I'll stay sane enough to get in some InfoSec learning......

Until next time....

Books

There are plenty of free resources out there but I do like to pay for good books. I personally use O'Reilly's Safari for online book reading. I've been using it for a few years now and I really like it. It is nice to be able to use my tablet, phone, or computer to read a book. There is a 10 day free trial and that is what hooked me many years ago. I currently have a 10 book bookshelf and I am able to choose 10 new books a month (if I happen to read all 10 that month...which doesn't happen). I believe I upgraded to the 10 book option as a deal and I got it for $19.99 per month which I feel is a pretty good deal. Here are the books currently on my shelf regarding Information Security.

Currently Reading
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)

On the Bookshelf
The Basics of Digital Forensics
Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7
Digital Forensics with Open Source Tools
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Windows System Programming (4th Edition)
Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level
Windows via C/C++

I believe you can kind of tell by the looks of the books that I'm greatly interested in Forensics but I'm also interested in Malware Analysis, Pen Testing....more of the engineering side of things. It amazes me how smart folks out there can find exploits in systems, it makes me want to learn more.

The issue I have is TIME. Having a full time system admin job always requires me to continue learning and keeping up with that part of the industry. Then when I get home I usually have school work to do although this semester is very helpful because it is a C Programming class. Speaking of, C Programming - A Modern Approach is the book we are using for class. It is a good book so far but since it is geared towards being a school text it is expensive. Back on the topic of time, I also have a family I love spending time with and also try to have some type of social life. That leaves late nights for my InfoSec stuff but I'm trying to do as much as I can right now.

I've seen quite a few books recommended out on different InfoSec blogs and sites, here are a few of them. I haven't read any of these but I'm hoping some are available through O'Reilly so I can check them out.

TaoSecurity seems to do a review on the best books every year. I haven't read any of these yet but I will be putting some of them on my list.

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Crimeware: Understanding New Attacks and Defenses
Security Engineering: A Guide to Building Dependable Distributed Systems
Hacking Exposed Series
The Giant Black Book of Computer Viruses
The Mac Hacker's Handbook
The New School of Information Security
Cryptography Engineering

If anyone reading this has read any of these books and can give a recommendation or not that would be great.

Experience and Education

In this article I am going to go a little into my background regarding my experience and education. I'll try not to bore you too much but I think it is good to put this out there so others can see where I have come from.

Career Experience
I started in the IT field out of college back in 2000. My first job was for a small company and I handled the desktop and server duties there for about 50 users and 2 locations. It is actually hard to believe how much I didn't know when I started there....I still remember learning what exactly TCP/IP was during my first week there. The guy that was in that position before me was moved into a programming position working on an internal application. He had implemented quite a few systems using Linux and that is where I got exposed to Linux for the first time. I learned quite a lot from him and when he left the company I took over the Linux stuff. We had deployed Samba file servers, DNS server, site-to-site VPNs, a remote access VPN, Internet access gateway, and a few other services using Linux. I learned a ton in the first year there and am grateful they gave me the opportunity to start my career. During this time I was interested in the security side of IT but never really acted on it. After about 2.5 years there I moved on.

My next job was a desktop tech for a hospital, it was a much larger environment and had growth potential. I eventually moved into a Systems Administrator role which has morphed into the position I am in now. This role was mainly Windows systems administration managing servers and services like Active Directory, DNS, SAN, Exchange, etc. The environment was about 100 servers and maybe a thousand desktops. This is also the time when I learned VBScript enough to do quite a bit of automation. I still remember using Group Policy and VB to shut down a virus or two when we had an outbreak.

The hospital was eventually bought by a larger healthcare organization and that is where I am now. I moved from doing all types of server administration to now mainly concentrating on the messaging side. I manage our Exchange, Enterprise Vault, and OCS/Lync environment for about 25,000 users. This position has allowed me to grow a lot in my knowledge of how things work together and I am learning more each day. I have also moved on from VBScript and I use PowerShell now for any automation needs.

Education
I attended Western Carolina University and earned a Business degree concentrating in Computer Information Systems. Looking back I really wish I had gone the Computer Science route but hindsight is 20/20. I actually wanted to get a minor in Computer Science at one point and I enrolled in a C++ class. Too bad I was horribly lazy and decided I didn't need the minor so I dropped the C++ class and never considered it again. After graduating and getting my first job I attended a MCSE training track and eventually took all of the tests to earn the MCSE certification. The classes were OK but some of the instructors were clueless. After finishing that I decided I wanted to go back to school to earn a Masters degree.

I enrolled at UNC-Charlotte and since my undergrad was in Business I had to take a lot of prerequisites before I could apply for the Masters program. I took Java, C Programming, Algorithms, Data Structures, Calculus and a few other courses before I eventually quit school just short of being able to apply to the program. I had a good excuse though, I had met an amazing girl and after getting married I decided me being gone 3-4 nights a week in school was not good for the beginning of a marriage. We now have 2 wonderful kids and a 3rd on the way!!

Getting a Masters degree has still been something that I've wanted to accomplish. Last spring I was talking to a co-worker and we were talking about school and that prompted me to do some searching on distance education degrees. I found that North Carolina State has an Engineering Online program that offers a Distance Education Masters in Computer Science. I was horribly conflicted because I am a huge NC-Chapel Hill Tarheels fan and I would be ridiculed by all of my NC State-loving family members if I enrolled at State. I swallowed my pride and applied to school as a non-degree seeking student and was accepted. Of course my family laughed and it seems every other gift I receive now is a NC State shirt. I happily wear the shirts now but I haven't given up my allegiance to the Tarheels.

I am currently enrolled at NC State and still working on prerequisites to apply to the Masters program. Feels like I've been working on this FOREVER....I may have a party just to celebrate being done with the prerequisites if I ever get there. I have had to take Calculus II and Calculus III (thank God that is over) along with Computer Organization and Assembly Language Programming so far. I thoroughly enjoyed the Assembly class and have plans to keep messing with it if I get time. I think that knowledge will help if I ever get into Malware Analysis which is something I have an interest in. Currently I am taking a C Programming class (yes again...) and I am enjoying it also. I didn't have to take that course but I've decided to get a Graduate Certificate in Computer Programming before starting my Masters which unfortunately requires me to take C programming and data structures again. I could only transfer a certain amount of hours from UNC-Charlotte to complete the requirements and I believe a good refresher in C and data structures can only help me. I also did not want to start my Masters at the same time the new baby was coming so the year delay will be ok.

The only thing I have struggled with regarding the NC State degree is they don't offer much regarding information security through distance education. I considered returning to UNC-Charlotte where they have a Masters of Info Systems that concentrates in Information Security but the cost is higher and I would have to make the hour drive one or two nights a week again. Right now I will be sticking with NC State and take as many courses as possible that deal with security and any projects I have to do will hopefully have a security angle on them.

Well....now that I have blasted you with a wall of text about me I hope that future posts will be more productive. See you next time.......

Introduction

Hello World!! I am starting this blog about my journey learning about Information Security. I don't really anticipate anyone ever reading this, it is more for me to document the things I've done and what I want to learn more about. I will probably have a few quick posts on my background, what I want to learn, how I will go about learning it, and my ultimate goals and then from there maybe some updates on what I am learning.

One reason I started this blog is because I ran across a 2 part article last night from DigiNinja about Breaking Into Security (Part1 & Part2). One of the suggestions was to start a blog....so here I am. I have tried to blog about other things in the past but nothing really stuck so I hope this might go a little better. I also have to give a shout out to the folks at PaulDotCom for having a hand in my interest in InfoSec. I was introduced to their weekly podcast by a co-worker 6-8 months ago and I have been listening to them every week since. I have also started listening to podcasts from NetSecPodcast and Liquid Matrix. I really enjoy listening to all of the different perspectives these folks in the industry have and they also are usually pretty funny in the process.

I have always been interested in the Security side of Information Technology but so far my career has taken me the way of a server Sys Admin. I thoroughly enjoy what I do but InfoSec really catches my attention and I just want to learn more. I am especially interested in Pen Testing and Forensics. My 12 year career as a Sys Admin has definitely laid a great foundation on which to work from.

Well that is all for now. I will be posting more soon on my background and what I want to accomplish.

New Blog Name

I started this blog at Learning about InfoSec and got a few brief posts done but decided the name of the blog didn't really line up with what I would be posting about and learning. The information security industry is so broad and has so many topics that I thought I needed to create a blog specific to what I am interested in. Those topics are Penetration Testing, Computer Forensics, and Malware Analysis. I think the name "Defend Your Systems" is more in line with those topics.

I will be moving the posts from the other blog to this one today so all of that information is in the same spot.