From: Naveed (naveed@pcssaudi.com)
Date: Thu Jul 08 2004 - 01:31:13 EDT
I fully agree with Don. Core TCP/IP skills and strong networking
fundamentals are a must to qualify as a security professional. Add to this
programming knowledge especially when you are performing pen tests.
Today, the trend I have seen, on CV's too is that once a person has worked
on tools (available freeware) he claims to know the ins and outs of
security!!
This trend is alarming especially if such personnel start protecting
networks and systems!
Best regards,
-Naveed Ahmed
-----Original Message-----
From: Don Parker [mailto:dparker@rigelksecurity.com]
Sent: Wednesday, July 07, 2004 4:21 AM
To: pen-test@securityfocus.com; vuln-dev@securityfocus.com
Subject: TCP/IP skills
Hello all, I just wanted to comment on what I see as a rather alarming trend
in the
security industry today. More and more many are becoming reliant upon tools
to do their
job whilst they ignore core components of their skillset. Specifically in
this case an
in-depth knowledge of TCP/IP.
Knowing TCP/IP at a granular level in my opinion is very much a core skill
that must be
attained by anyone who wishes to have a successful career in the network
security
industry today. One cannot become adept by simply using tools, and never
knowing how to
interpret the output by verifying the packets themselves.
It constantly amazes me when I teach a TCP/IP Analysis course that people
who are
presently in the industy do not know of such basic TCP/IP concepts as the 3
way
handshake and how ICMP works. That or being able to wholly dissect a packet
and explain
the relationships between various metrics.
I would be curious to hear of your opinions on this?
Cheers,
Don
-------------------------------------------
Don Parker, GCIA
Intrusion Detection Specialist
Rigel Kent Security & Advisory Services Inc
www.rigelksecurity.com
ph :613.233.HACK
fax:613.233.1788
toll: 1-877-777-H8CK
--------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:57 EDT