RE: TCP/IP skills

From: Naveed (naveed_at_pcssaudi.com)
Date: 07/08/04

  • Next message: Mike Anderson: "PWDUMP Parser"
    To: "'Don Parker'" <dparker@rigelksecurity.com>, <pen-test@securityfocus.com>, <vuln-dev@securityfocus.com>
    Date: Thu, 8 Jul 2004 08:31:13 +0300
    
    

    I fully agree with Don. Core TCP/IP skills and strong networking
    fundamentals are a must to qualify as a security professional. Add to this
    programming knowledge especially when you are performing pen tests.
    Today, the trend I have seen, on CVs too, is that once a person has worked
    on tools (available freeware) he claims to know the ins and outs of
    security!!
    This trend is alarming especially if such personnel start protecting
    networks and systems!
    Best regards,
    -Naveed Ahmed

    -----Original Message-----
    From: Don Parker [mailto:dparker@rigelksecurity.com]
    Sent: Wednesday, July 07, 2004 4:21 AM
    To: pen-test@securityfocus.com; vuln-dev@securityfocus.com
    Subject: TCP/IP skills

    Hello all, I just wanted to comment on what I see as a rather alarming trend
    in the security industry today. More and more many are becoming reliant upon
    tools to do their job whilst they ignore core components of their skillset.
    Specifically in this case an in-depth knowledge of TCP/IP.

    Knowing TCP/IP at a granular level in my opinion is very much a core skill
    that must be attained by anyone who wishes to have a successful career in the
    network security industry today. One cannot become adept by simply using
    tools, and never knowing how to interpret the output by verifying the packets
    themselves.

    It constantly amazes me when I teach a TCP/IP Analysis course that people
    who are presently in the industry do not know of such basic TCP/IP concepts
    as the 3 way handshake and how ICMP works. That or being able to wholly
    dissect a packet and explain the relationships between various metrics.

    I would be curious to hear of your opinions on this?

    Cheers,

    Don

    -------------------------------------------
    Don Parker, GCIA
    Intrusion Detection Specialist
    Rigel Kent Security & Advisory Services Inc
    www.rigelksecurity.com
    ph :613.233.HACK
    fax:613.233.1788
    toll: 1-877-777-H8CK
    --------------------------------------------

