Back to Basics - Essence of Hacking
I was listening to a recording of a portion of pauldotcom's episode 150--and there was a good discussion on hacking basics. What would you focus on if you were starting in the security industry?
For me, I would say, be surrounded by academia. Not necessarily in a four-year degree program, (although I'm very grateful for what I got out of it), but I find I learned the most be surrounded by folks striving for knowledge. I learned more about compilers trying to survive running javac on HPUX 10.X than actually making a java compiler that compiles java (so yes, it was supposed to correctly accept itself as input). I learned how to tunnel services remotely with ssh just to read email remotely, not to bypass an IDS or firewall (ok, it did do that also which was nice).
So how to do any cyber-thing better--even if it is just getting started--surround yourself with information, but be careful not to drink the coolaid--use the information and apply it to your environment, exceed original designs and documentation, explore, improvise . . .
I know I blogged this before---but stay tuned for an announcement of an initiative with regards to entry level \cyber\S+\ig
If you are at a SANS conference, ask around about this--you may get a sneak peak. Or maybe you should just watch http://twitter.com/sanshacknet and get an idea of what's to come . . .
For me, I would say, be surrounded by academia. Not necessarily in a four-year degree program, (although I'm very grateful for what I got out of it), but I find I learned the most be surrounded by folks striving for knowledge. I learned more about compilers trying to survive running javac on HPUX 10.X than actually making a java compiler that compiles java (so yes, it was supposed to correctly accept itself as input). I learned how to tunnel services remotely with ssh just to read email remotely, not to bypass an IDS or firewall (ok, it did do that also which was nice).
So how to do any cyber-thing better--even if it is just getting started--surround yourself with information, but be careful not to drink the coolaid--use the information and apply it to your environment, exceed original designs and documentation, explore, improvise . . .
I know I blogged this before---but stay tuned for an announcement of an initiative with regards to entry level \cyber\S+\ig
If you are at a SANS conference, ask around about this--you may get a sneak peak. Or maybe you should just watch http://twitter.com/sanshacknet and get an idea of what's to come . . .
posted by James Shewmaker at
5:06 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home