Re: TCP/IP skills

From: Mark W. Webb (mark_at_dolphtech.com)
Date: 07/08/04

  • Next message: captgoodnight_at_acsalaska.net: "Re: TCP/IP skills"
    Date: Thu, 08 Jul 2004 10:33:42 -0400
    To: Don Parker <dparker@rigelksecurity.com>
    
    

    As someone who is relatively new to this field(~1 year), I would agree.
    I have spent all of my professional life writing java applications, and
    some C apps.
    I have taken a few security courses, and have been using Unix for about
    5 years. But have never gotten a really good handle on the in-depth
    knowledge of TCP/IP. Sure, I understand the basics of the 3-way
    handshake, but as far as what goes into a packet, I would say that I do
    not know that information really well.

    Could you recommend some sources of information(books, URL..etc)
    concerning this topic.

    Thank you.

    Don Parker wrote:

    >Hello all, I just wanted to comment on what I see as a rather alarming trend in the
    >security industry today. More and more many are becoming reliant upon tools to do their
    >job whilst they ignore core components of their skillset. Specifically in this case an
    >in-depth knowledge of TCP/IP.
    >
    >Knowing TCP/IP at a granular level in my opinion is very much a core skill that must be
    >attained by anyone who wishes to have a successful career in the network security
    >industry today. One cannot become adept by simply using tools, and never knowing how to
    >interpret the output by verifying the packets themselves.
    >
    >It constantly amazes me when I teach a TCP/IP Analysis course that people who are
    >presently in the industy do not know of such basic TCP/IP concepts as the 3 way
    >handshake and how ICMP works. That or being able to wholly dissect a packet and explain
    >the relationships between various metrics.
    >
    >I would be curious to hear of your opinions on this?
    >
    >Cheers,
    >
    >Don
    >
    >-------------------------------------------
    >Don Parker, GCIA
    >Intrusion Detection Specialist
    >Rigel Kent Security & Advisory Services Inc
    >www.rigelksecurity.com
    >ph :613.233.HACK
    >fax:613.233.1788
    >toll: 1-877-777-H8CK
    >--------------------------------------------
    >
    >


  • Next message: captgoodnight_at_acsalaska.net: "Re: TCP/IP skills"