Re: TCP/IP skills

From: captgoodnight@acsalaska.net
Date: Wed Jul 07 2004 - 21:40:00 EDT


----- Original Message -----
From: Don Parker <dparker@rigelksecurity.com>
Date: Tuesday, July 6, 2004 5:20 pm
Subject: TCP/IP skills

> Hello all, I just wanted to comment on what I see as a rather alarming
> trend in the security industry today. More and more many are becoming
> reliant upon tools to do their job whilst they ignore core components
> of their skillset. Specifically in this case an in-depth knowledge of
> TCP/IP.
>
> Knowing TCP/IP at a granular level in my opinion is very much a core
> skill that must be attained by anyone who wishes to have a successful
> career in the network security industry today. One cannot become adept
> by simply using tools, and never knowing how to interpret the output by
> verifying the packets themselves.
>
> It constantly amazes me when I teach a TCP/IP Analysis course that
> people who are presently in the industry do not know of such basic
> TCP/IP concepts as the 3 way handshake and how ICMP works. That or
> being able to wholly dissect a packet and explain the relationships
> between various metrics.
>
> I would be curious to hear of your opinions on this?
>

I totally agree! The more I speak to other security "professionals" the more I see that most have not a clue in regards to packet crafting/dissecting/ISO/OSI model. It's kinda sad, but it seems, most are geared to the application and not the foundation of things.

Not to start an OS war, but I must admit, my fellow Linux security penguins seem to know more about the depth of security than do my MS-only friends. This kinda pushes me in the direction of thought that since Linux guruship is so deep into the kernel/coding realm, that it's simply natural for my penguin friends to dive into the deep. Where perhaps since MS for the most part is so "USER/GUI" minded, that it's kinda a challenge to find the motivation or desire if you will, to really dig into what our fingertips can touch. I swear I'm not trying to start an OS debate, I'm just speaking for what my eyes and ears witness. To sum it up from my perspective, *nix is for the scientist, MS, APPLE is for the USER. Please know, I do know a few MS gurus that know a hell of a lot more than me, but know, they use Linux/Unix too and have been in the field since the days of blue boxes ;)

And if you're an MS-only security guru, who knows the deep, I bow to you; there truly are only a few.

peace,
cg


