Penetration Testing mailing list archives

Re: TCP/IP skills

From: Nigel Stepp <stepp () atistar net>
Date: Wed, 7 Jul 2004 23:00:35 -0400 (EDT)

On Tue, 6 Jul 2004, Don Parker wrote:

[ snip ]

It constantly amazes me when I teach a TCP/IP Analysis course that
people who are presently in the industy do not know of such basic
TCP/IP concepts as the 3 way handshake and how ICMP works. That or
being able to wholly dissect a packet and explain the relationships
between various metrics.


I would have to agree.  In IT and some software development I also see
it lacking, but in security it is essential.  I hardly ever do any kind
of analysis without also looking at packet dumps, otherwise it's
diffucult to really get a feeling for the behaviour of the network (in
my opinion).

When I first started wearing my trusty SYN/ACK shirt around I was
horrified when I received so many questions from my collegues.

Cheers,

Don

-------------------------------------------
Don Parker, GCIA
Intrusion Detection Specialist
Rigel Kent Security & Advisory Services Inc
www.rigelksecurity.com
ph :613.233.HACK
fax:613.233.1788
toll: 1-877-777-H8CK
--------------------------------------------


-- 
:wq

Current thread:

TCP/IP skills Don Parker (Jul 07)
- Re: TCP/IP skills Nigel Stepp (Jul 08)
- Re: TCP/IP skills Nelson Santos (Jul 08)
- RE: TCP/IP skills Naveed (Jul 08)
- Re: TCP/IP skills Mark W. Webb (Jul 08)
- Re: TCP/IP skills Vlad (Jul 08)
- Re: TCP/IP skills Jordan Cole (stilist) (Jul 08)
  - RE: TCP/IP skills Rocky Heckman (Jul 13)
  - Re: TCP/IP skills Chris Byrd (Jul 13)
- Re: TCP/IP skills vulnerable (Jul 13)
- RE: TCP/IP skills Dave Dyer (Jul 13)
- <Possible follow-ups>
- FW: TCP/IP skills drbitbucket (Jul 08)

(Thread continues...)