I’m not the most organised person, especially when it comes to staying focused on something (sorry was I talking about??). If you’ve read this blog before you would have picked up that I’ve decided to expand on my IT Security skills.
To that end I’ve created a 12 month training plan, nothing fancy just a list of technologies/software that I want to learn how to use better. It won’t make me an expert (I’m not that silly), but it will hopefully mean that come BSides London 2013 I might be able to give a track 3 talk.
The training plan includes, Ruby (not Python for the time being), wireshark, metasploit framework, nmap and a long period for scapy. I like the idea of being able to write packets so I’ve dedicated a lot of time to this.
Along the way I will blog about my progress and hopefully start getting some more InfoSec related posts up here instead of my ranting about stuff..
Below is the training plan, feel free to pass any comments if you think I’ve missed anything obvious, my goal is to be able to run pen tests (against my own systems), without resorting to “automated” tools.
I’m also looking (still) for a UK-based InfoSec mentor, if any of you lot are feeling generous (I’m not expecting a lot, just answering some questions when I get stuck). If you’re up for it let @infosecmentors know. 🙂
After looking at the plan, I feel envious of you 😉 hehe
however I prolly wont ever be that organized, my plan is to make lame tutorials or articles on my blog, forcing me to check all methods throughoutly before finalizing my stuff, but I´ll plan a “big picture to have a guidance, to at least have some outline of a plan 🙂
I think it looks good, but if I where you, I´d place the Snort stuff earlier, because then you can run it while you do the early stuff and trough to the 1337ness =) and then you actually will have a knowledge base that is bigger than if missing out on the early/easier(?) stuff 🙂
I ain´t good enuff to volonteer as mentor, but I am always happy to help out with the little knowledge I possess 🙂
Btw I saw you on LinkedIn, feel free to add me by my email (i figure you see that part in the postings) =)
Hi Fredrik, I’m not usually that organised and knowing me I won’t stick to it either, buts it’s not bad for a bit of a guideline. I agree with you about Snort, I’ve got Security Onion running on an old netbook so I’m using that for packet captures when I run scans against my firewall (hence the port mirror on the cisco router).
I’ve signed up with the InfoSec mentor project as a mentee but I’m still waiting for an official mentor. I’ve had an offer of help from someone on Twitter if I get stuck.. 🙂 Like you if I can help out with anything, I’m more than happy to. 🙂
So then maybe we should “pact up” together 🙂
You as my mentor and me as your hehe.
I have a slightly loose “ring” of infosec people I can check stuff with and a few more from the field of IT sec. That idea is built on the fact that all people have their talents and might need help with other fields =)
Saw that you added me in LinkedIn (Goodie) 🙂
That sounds like an awesome plan Fredrik, I would be more than happy to do that. I’m sure we can each help each other with things.. 🙂 I will DM you my email address, just so you have it.