From: Mark W. Webb (mark@dolphtech.com)
Date: Thu Jul 08 2004 - 10:33:42 EDT
As someone who is relatively new to this field(~1 year), I would agree.
I have spent all of my professional life writing java applications, and
some C apps.
I have taken a few security courses, and have been using Unix for about
5 years. But have never gotten a really good handle on the in-depth
knowledge of TCP/IP. Sure, I understand the basics of the 3-way
handshake, but as far as what goes into a packet, I would say that I do
not know that information really well.
Could you recommend some sources of information(books, URL..etc)
concerning this topic.
Thank you.
Don Parker wrote:
>Hello all, I just wanted to comment on what I see as a rather alarming trend in the
>security industry today. More and more many are becoming reliant upon tools to do their
>job whilst they ignore core components of their skillset. Specifically in this case an
>in-depth knowledge of TCP/IP.
>
>Knowing TCP/IP at a granular level in my opinion is very much a core skill that must be
>attained by anyone who wishes to have a successful career in the network security
>industry today. One cannot become adept by simply using tools, and never knowing how to
>interpret the output by verifying the packets themselves.
>
>It constantly amazes me when I teach a TCP/IP Analysis course that people who are
>presently in the industy do not know of such basic TCP/IP concepts as the 3 way
>handshake and how ICMP works. That or being able to wholly dissect a packet and explain
>the relationships between various metrics.
>
>I would be curious to hear of your opinions on this?
>
>Cheers,
>
>Don
>
>-------------------------------------------
>Don Parker, GCIA
>Intrusion Detection Specialist
>Rigel Kent Security & Advisory Services Inc
>www.rigelksecurity.com
>ph :613.233.HACK
>fax:613.233.1788
>toll: 1-877-777-H8CK
>--------------------------------------------
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:57 EDT