Re: TCP/IP skills

From: Vlad (vladkors_at_gmail.com)
Date: 07/08/04

  • Next message: Allan: "Re: TCP/IP skills" 
    Date: Thu, 8 Jul 2004 10:39:05 +0200
To: Don Parker <dparker@rigelksecurity.com>

    Here's a nice article Security Focus has published some time ago
    dealing with this very subject.

    TCP/IP Skills Required for Security Analysts
    http://www.securityfocus.com/infocus/1779

    As for my opinion, I can't agree more. Advance (IP) networking skills
    should be a vital and an inseparable part of a security experts'
    knowledge. Although there might be some exceptions, a "security
    expert" that lacks the basics of TCP/IP, that has no idea what a
    packet is constructed of, is nothing more then a script kiddie.

    Regards,
       - Vlad.

    On Tue, 6 Jul 2004 21:20:46 -0400 (EDT), Don Parker
    <dparker@rigelksecurity.com> wrote:
    > Hello all, I just wanted to comment on what I see as a rather alarming trend in the
    > security industry today. More and more many are becoming reliant upon tools to do their
    > job whilst they ignore core components of their skillset. Specifically in this case an
    > in-depth knowledge of TCP/IP.
    >
    > Knowing TCP/IP at a granular level in my opinion is very much a core skill that must be
    > attained by anyone who wishes to have a successful career in the network security
    > industry today. One cannot become adept by simply using tools, and never knowing how to
    > interpret the output by verifying the packets themselves.
    >
    > It constantly amazes me when I teach a TCP/IP Analysis course that people who are
    > presently in the industy do not know of such basic TCP/IP concepts as the 3 way
    > handshake and how ICMP works. That or being able to wholly dissect a packet and explain
    > the relationships between various metrics.
    >
    > I would be curious to hear of your opinions on this?
    >
    > Cheers,
    >
    > Don
    >
    > -------------------------------------------
    > Don Parker, GCIA
    > Intrusion Detection Specialist
    > Rigel Kent Security & Advisory Services Inc
    > www.rigelksecurity.com
    > ph :613.233.HACK
    > fax:613.233.1788
    > toll: 1-877-777-H8CK
    > --------------------------------------------
    >

  • Next message: Allan: "Re: TCP/IP skills"

    Relevant Pages

    • Re: Rather funny; looks like page defacement to me
      ... An admin who doesn't know TCP/IP? ... trained on networking and TCP/IP, security, etc. ... of those poor "draftees" how to protect their enterprise. ... Adjunct Information Security Officer ...
      (Focus-IDS)
    • RE: TCP/IP skills
      ... knowledge of the network layer are needed for specific job-duties. ... security specialists as normally falling into one of the following ... non-technical controls than on anything having to do with TCP/IP ... Network skills ...
      (Pen-Test)
    • FW: TCP/IP skills
      ... knowing what you want is another of those skills that comes from a greater understanding of security as it applies to network traffic as well as operating system/service stimulus and responses. ... Subject: TCP/IP skills ...
      (Pen-Test)
    • Re: REVIEW: "Network Security for Dummies", Chey Cobb
      ... Hack Proofing Your Network: ... TCP/IP Illustrated Volume I: ... was compromised in numerous attacks in 2000 and 2002, ... A couple of books I'm thinking of getting are "Network Security Assessment" by ...
      (comp.security.misc)
    • Re: TCP/IP skills
      ... I have taken a few security courses, and have been using Unix for about ... knowledge of TCP/IP. ... >security industry today. ... That or being able to wholly dissect a packet and explain ...
      (Pen-Test)