Penetration Testing mailing list archives
Re: TCP/IP skills
From: <captgoodnight () acsalaska net>
Date: Wed, 07 Jul 2004 17:40:00 -0800
----- Original Message ----- From: Don Parker <dparker () rigelksecurity com> Date: Tuesday, July 6, 2004 5:20 pm Subject: TCP/IP skills
Hello all, I just wanted to comment on what I see as a rather alarming trend in the security industry today. More and more many are becoming reliant upon tools to do their job whilst they ignore core components of their skillset. Specifically in this case an in-depth knowledge of TCP/IP. Knowing TCP/IP at a granular level in my opinion is very much a core skill that must be attained by anyone who wishes to have a successful career in the network security industry today. One cannot become adept by simply using tools, and never knowing how to interpret the output by verifying the packets themselves. It constantly amazes me when I teach a TCP/IP Analysis course that people who are presently in the industy do not know of such basic TCP/IP concepts as the 3 way handshake and how ICMP works. That or being able to wholly dissect a packet and explain the relationships between various metrics. I would be curious to hear of your opinions on this?
I totally agree! The more I speak to other security "professionals" the more I see that most have not a clue in regards to packet crafting/disecting/ISOOSI model. It's kinda sad, but it seems, most are geared to the application and not the foundation of things. Not to start a OS war, but I must admit, my fellow linux security penguins seem to know more about the depth of security than do my only MS friends. This kinda pushes me in the direction of thought that since linux guruship is so deep into the kernel/coding realm, that it's simply natural for my penguin friends to dive into the deep. Where perhaps since MS for the most part is so "USER/GUI" minded, that it's kinda a challenge to find the motivation or desire if you will, to really dig into what our fingertips can touch. I swear I'm not trying to start a os debate, I'm just speaking for what my eyes and ears witness. To sum it up from my perspective, *nix is for the scientist, MS,APPLE is for the USER. Please know, I do know a few MS gurus that know a hell of alot more than me, but know, they use linux/unix too and have been in the field since the days of blue boxs ;) And if your a MS only security guru, who knows the deep, I bow to you; there's truly is only a few. peace, cg
Current thread:
- Re: TCP/IP skills, (continued)
- Re: TCP/IP skills Nelson Santos (Jul 08)
- RE: TCP/IP skills Naveed (Jul 08)
- Re: TCP/IP skills Mark W. Webb (Jul 08)
- Re: TCP/IP skills Vlad (Jul 08)
- Re: TCP/IP skills Jordan Cole (stilist) (Jul 08)
- RE: TCP/IP skills Rocky Heckman (Jul 13)
- Re: TCP/IP skills Chris Byrd (Jul 13)
- Re: TCP/IP skills vulnerable (Jul 13)
- RE: TCP/IP skills Dave Dyer (Jul 13)
- FW: TCP/IP skills drbitbucket (Jul 08)
- Re: TCP/IP skills captgoodnight (Jul 08)
- Re: TCP/IP skills R. DuFresne (Jul 13)
- Re: TCP/IP skills Allan (Jul 08)
- re: TCP/IP skills Scott Schappert 6270, QA (Jul 08)
- Re: TCP/IP skills M. D. (Jul 09)
- RE: TCP/IP skills Vaccare, Anthony (Jul 13)
- RE: TCP/IP skills Strand, John (Jul 13)
- RE: TCP/IP skills Eric McCarty (Jul 13)
- Re: TCP/IP skills drbitbucket (Jul 13)
- RE: TCP/IP skills Parish Zachary Z AB 381 IS/SCSS (Jul 13)