This is directed towards all who work or have working knowledge and experience in the Internet/network security field. I am a firm believer in the rule, "Learn from the mistakes of others. You wont live long enough to make all of them yourself" for that is the purpose of this post to learn from those who have gone through this before or who are currently going through it whatever that 'it' may be.
Basic questions/thoughts: What would be the best way for someone to go about laying a solid foundation of knowledge in the Internet/network security field - (specifically areas like intrusion detection, scanning, firewalls, forensics, incident response and "The Honeynet Project" like topics.) For example, if you had the ability to go back and learn it again (do it all over again), how would you go about it? How would you do it differently? In what order would you have studied the different subjects/technologies? Does learning one subject/topic hinge on the ability to learn another? If so, what would you learn/study first? Programming languages? Which ones? In what order? What did you do to attain the knowledge you have? Would you have done it differently? If so, how and why? For someone who already works in the IT field, has a strong interest in security and wants to seriously pursue this field, what are the steps they should take in order to get going on the right path the solid path, the one with no shortcuts? I am currently reading everything I can get my hands on (picked up 'Know Your Enemy' the other day), just want to make sure I lay a solid foundation to build upon. Grateful for the guidance, -Jack
