Description

“InfoSec Career Hacking” starts out by describing the many, different InfoSec careers available including Security Engineer, Security Analyst, Penetration Tester, Auditor, Security Administrator, Programmer, and Security Program Manager. The particular skills required by each of these jobs will be described in detail, allowing the reader to identify the most appropriate career choice for them. Next, the book describes how the reader can build his own test laboratory to further enhance his existing skills and begin to learn new skills and techniques. The authors also provide keen insight on how to develop the requisite soft skills to migrate form the hacker to corporate world.

Key Features

* The InfoSec job market will experience explosive growth over the next five years, and many candidates for these positions will come from thriving, hacker communities * Teaches these hackers how to build their own test networks to develop their skills to appeal to corporations and government agencies * Provides specific instructions for developing time, management, and personal skills to build a successful InfoSec career

Table of Contents

Acknowledgments

Author Dedication

Lead Author and Technical Editor

Contributing Authors

Technical Reviewer

Foreword Contributor

Foreword

Part I: Recon/Assessment

Chapter 1: The Targets—What I Want to Be When I Grow Up (or at Least Get Older)

Introduction

Understanding INFOSEC

Employment Opportunities

Defining the Jobs

Bringing Together the Skills

Advanced Skills

So Where Do I Match Up?

Checklist

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 2: Reconnaissance: Social Engineering for Profit

Introduction

Narrowing Your Choices

Digging for Information

Researching for Rewards

Making Contact

Checklist

Summary

Solutions Fast Track

Links to Sites

Mailing Lists

Frequently Asked Questions

Chapter 3: Enumerate: Determine What’s Out There

Introduction

What Should I Do First?

Is Education Important?

Certifications: Magic or Myth?

Getting Your Name Out There

Understanding Opportunities and Gaining Experience

Security Clearances

Summary

Solutions Fast Track

Links to Sites

Mailing Lists

Frequently Asked Questions

Chapter 4: First Strike: Basic Tactics for Successful Exploitation

Part II: Technical Skills

Chapter 5: The Laws of Security

Introduction

Knowing the Laws of Security

Client-Side Security Doesn’t Work

You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information

Malicious Code Cannot Be 100 Percent Protected against

Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection

Firewalls Cannot Protect You 100 Percent from Attack

Any IDS Can Be Evaded

Secret

Details

No. of pages:
448
Language:
English
Copyright:
© 2005
Published:
Imprint:
Syngress
Print ISBN:
9781597490115
Electronic ISBN:
9780080489032

About the authors

Chris Hurley

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Affiliations and Expertise

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Johnny Long

Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.

Affiliations and Expertise

A Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author who lurks at his website (http://johnny.ihackstuff.com) and is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need them