Re: Question for information security professionals

From: MT (mt_at_somewhere.com)
Date: 01/24/04


Date: Sat, 24 Jan 2004 01:01:15 GMT

Thanks ipgrunt,

I ordered a copy of Hacking Exposed and the Hacker Challenge today to get
some background info.
I will check out the link that you suggested as well.

thanks again!

"Grunt" <me@privacy.net> wrote in message
news:Xns947986FA84C2Dgruntnowherecn@130.133.1.4...
> "MT" <mt@somewhere.com> seems to think in
> news:8u%Pb.45276$f97.14184@fe3.columbus.rr.com:
>
> > I have been a software developer (mainly C++, Java, Perl and Oracle)
> > for the last eight years now and I am interested in taking my career
> > down a different but related technical path. Anyway to get straight to
> > the point: could anyone please tell me what discipline Information
> > Security falls under. I know very little about it at this point but
> > would like to learn more. Is it something that a developer like myself
> > could transition into or is it more of a network engineer or systems
> > administration field? Or is it perhaps a little of each?
> >
> > Could anyone post some links or refer some books that could get me
> > started?
> >
> > I was looking at the CISSP program hoping that it would be a good
> > start, and also hoping that certification would aid me in making the
> > career switch, but it seems that this program is designed for someone
> > that already has 3-4 years of professional information security
> > experience under their belt. Are there any other information security
> > certification programs that a beginner like myself could use as a
> > guide to get started?
> >
> >
> >
>
> You have more specific knowlege about programming and operating systems
> than perhaps the average IT admin, but there is much to know about
> networking and its security issues that you probably have no background
in.
>
> Have you looked into any of the myriad books on the subject?
>
> These can give you a survey of the field.
>
> I like Hacking Exposed by McClure et. al.
>
> Look for a later edition. Information gets out of date quickly in this
> field.
>
> Also, you should know about SANS (www.sans.org) which will provide you
with
> an educational base, and a many sources of current info and practice.
>
> It is a vast field. Start reading.
>
> -- ipgrunt