I got started by trying to make my own machine me proof. I knew quite well its weaknesses - if it was resistant to me, I was doing the best I could.
Note: The boxes to my left and my right (network-wise) were hit by the RTM worm back in 1988. I wasn't. Been paranoid a long time. But I installed a "doctored " fingerd anyway.... V/R Jim Omar Koudsi wrote: > > I found that the best way to learn other than reading and implementing, > at least for me, is the honeypot approach, put a machine on the net with > a permanent address and see what kind of attacks it faces and how can > you counter them. It will also allow you to figure out firewalls and IDS > systems. > > ----------- > Omar Koudsi > IT Architect > Network Security Center > Special Systems Company > http://security.sscjo.com > [EMAIL PROTECTED] > Tel: (9626) 5664221 > Fax: (9626) 5681557 > > -----Original Message----- > From: Jeremy [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 07, 2002 1:00 AM > To: Douglas Pichardo > Cc: [EMAIL PROTECTED] > Subject: Re: Please help a young aspiring security professional > > Securing Linux is a good book... i have it at work, ill get the isbn for > you... also read this... > > http://www.linuxworld.com/linuxworld/lw-1999-05/lw-05-ramparts.html > > this is a neat article... may help you out.. > > ----- Original Message ----- > From: "Douglas Pichardo" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, January 04, 2002 7:29 AM > Subject: Please help a young aspiring security professional > > > Revered security professionals: > > Hi, my name is Douglas Pichardo and I am 16 years old. I live in > > Virginia Beach, Virginia (USA), and I am in the 10th grade. I have > > been a member of this discussion list for several months, trying to > > learn all I can about > the > > world of security, which I have a strong interest in. This last > > summer, > when > > my interest popped up, I spent several hours almost every day reading > > webpages about every security topic that I could read about and > understand, > > but at that time I was using Windows 98 and was unable to really get > > into > and > > play around with any of the information I learned, and decided to get > > an > OS > > that would allow me to - either Linux or Windows 2000, and Windows > > 2000 is too expensive. For Christmas, I got SuSE Linux 7.3 > > Professional, > <u>Hacking > > Linux Exposed</u>, and <u>Linux System Administration</u>, as these > > all > had > > good reviews in various places and I did not like Mandrake 8.1 which I > > > had burned on CD and previously installed. Well, to the point: I would > > > like to try out security things like firewalls and such and be exposed > > > to the internet (I'm behind a Linksys Cable/DSL router with NAT), but > > I don't feel anywhere near knowledgeable enough. > What > > I'm looking for is a internship of sorts, and I was wondering if > > either: > (a) > > by some chance some of you know companies in Virginia Beach, VA, that > would > > take me "under their wing", or (b) any of you know of any websites or > > companies that might have information about local internship programs > > in > the > > security/administration field. I am looking for a learning opportunity > > > - a free one - where I could gain experience (the SANS and other > > conferences > are > > too much money and travel for me at age 16). I would greatly > > appreciate > any > > help that you would give me as an aspiring security professional. > > Thank > you > > in advance, and also thank you for reading all of this - I can get > > wordy > :-) . > > > > Sincerely, > > Douglas Pichardo > > > > P.S. I'm not some teenage wanna-be hacker; I truly only want to get > > into > the > > security field, not the "counter"-security field. And just in case the > fact > > that I'm writing this at 10:30 AM might contribute to the stereotype, > > I > have > > no school today; we have about 3 inches of snow and the whole area has > shut > > down as if it were 3 feet. > > > > P.P.S. Are there any other books on Linux administration or > > local/network security that you recommend? -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
