Aspiring Pen-Tester Seeking Advice

[Ryan <phaleproof () gmail com>]

Hello all - long-time lurker, first-time poster,

I'm about 2 quarters away from finishing my education (majoring in 
network security and systems administration), and I'm currently 
interning at a company, doing monitoring IDS and SOX compliance.

I've always been interested in security, and now that I've got some 
spare time I would really like to start getting prepared for a potential 
position doing penetration testing.

My school offers a few courses in security, however I've always been of 
the mind-set that it's better to explore it yourself than try to have 
someone teach it to you.

That being said, I was wondering if anyone would be kind enough to give 
a novice some helpful pointers on how to get started.

I've downloaded VMware and I've got a Windows XP, Ubuntu, and shortly a 
Fedora Core 7 VM - I also plan on downloaded Windows Server 2003 with my 
MSDNAA license. I've downloaded a copy of BackTrack2 and I'm in the 
process of trying to turn that into a VM as well.

I installed nmap on both systems, as well as nessus, and soon 
metasploit. I've played around with the former a little bit at work (I 
must say, it's the most amazing tool I've used - not that I have much 
experience).

I'm really interested in getting into the 'hacker' mindset and walking 
through the steps they use to find, conduct, and cover-up their attacks. 
Surely, it's not all point and chick, and I'm having a little difficulty 
getting into the groove.

I was also hoping the more experienced users might suggest a few tools 
to check out first (I've already bookmarked the sectools.org list but 
there is just so many).

Additionally, can anyone suggest a bunch of good books to read 
pertaining to penetration testing? Someone recommended Counter-Hack, and 
another person said Hacking Exposed, as well as a few others.

All that being said, are there some limitations of VM that I should be 
aware of when conducting my research? I would be very interested in 
seeing if there's a way to get router and network-like functionality 
from a VM since it would seem like currently VMware is essentially 
acting like a hub and a lot of the attacks (ARP spoofing, etc) don't 
seem possible the way I've currently got it implemented.

I know there is a "Basics" mailing list, however since I am interested 
specifically in pen testing, I figured it was probably more appropriate 
to post to this list. If I am incorrect, then I apologize. If not, then 
thanks in advance for tolerating my noobiness and for helping out an 
aspiring pen-tester!

Best Regards,
Ryan

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------