lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <e024ccca0707171901x425e6e0erebe6f99c1e57c81@mail.gmail.com>
Date: Tue, 17 Jul 2007 22:01:59 -0400
From: "Dude VanWinkle" <dudevanwinkle@...il.com>
To: "Evan Pitstick" <bikingnerd@...cast.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Help with education

On 7/17/07, Evan Pitstick <bikingnerd@...cast.net> wrote:
> I am looking to become a security consultant(White hat) in a few years
> and I was looking for some advice on the best certifications to get,
> graduate level schools and majors, and any web sites that will continue
> to help me along my path. I am currently a student at a school in
> Atlanta, USA for Information Security and Assurance. Any ideas?

What kind of Security do you enjoy most, Auditing, Pentesting,
Compliance, Programming? I recommend you pick the one you have fun at.
If you dont enjoy any of them, be prepared to be unhappy for a long
time :-)


As far as schools:
I hear www.gatech.edu has a really good program, and its in atlanta.

as far as certs:
CISSP will get you more money, but you will learn more from SANS certs.

If you want to be a good Security Consultant at the Technical level it
is important that you have a smattering of everything: programming
networking, administration, etc.. If you walk into a place and expect
to start telling people what to do, you should at least have walked a
mile in their shoes before doing so. This means learning Lotus,
Exchange, Sendmail, Oracle, MySQL and MSSQL, Linux, BSD, Solaris,
Windows, etc, ad infinitum.

If you want to be a great infosec person, you need to be able to teach
yourself. Much of the territory covered by infosec is new and
unexpected ways of using technology. This cant really be taught.

hth,

-JP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ