Getting Started in Cyber Security?

Yeah, most people I know wandered into security with networking and somewhat related qualifications but are now earning the top-level security ones.

As an IDS analyst my day is pretty straightforward. I write custom IDS signatures for clients who want to look for a specific thing flying around their network.

We get lots of packets come through and I check them for authenticity and severity, as well as look around for the newest exploits in technology plaguing the industry today.
A lot of it is the usual stuff: upgrades to devices, liaising with customers and managing my workload.

The thing about intrusion detection though is that much of the time you're waiting for stuff to happen; you can make yourself busy but it's still a babysitting job in many cases.
I also provide 12-hourly, weekly and monthly reports to customers on IDS signatures which show trends, statistics and what I've been doing to earn their money every month.
And I work 12-hour shifts only, on a DuPont rotation.

I'm hoping to take my career into a dedicated intrusion specialist role, rather than the analysis part. More prevention than dousing fires, and then possibly security consultancy.
 

Wow that all sounds like interesting work! What do you do when you find something that doesn't belong?
 
We tell the customer about it lol.
IDS analysis isn't something you can pick up too easily; you need to know signatures and exposure to the network for a long period of time to know what's expected traffic and what isn't.

I remember one time some dude in one of our customers was selling secrets and sharing data externally, and he was doing it so often it became expected traffic and analysis didn't show up too much, so network techs on their end and us let it slide as some device.

Anyway, it wasn't until he phoned in sick one day that the expected traffic dropped off the network and we all wanted to know why. They did some further checks and found all that out and him performing corporate espionage lol, was very funny.

With sensors placed in the right way, all traffic can go through them and we can see it all. With custom signatures we can filter out what we want to see too.

I tell you, some of the emails I've read would shock you lol :p
 

Wow what a crazy story! I wonder how much that actually happens in other companies?

Just out of curiosity, what is involved in writing an IDS signature? In other words, how do you write one and what is it, as I have never heard of that haha? Also, what would you recommend as far as entering into this field (i.e. education, entry-level work, etc.)?
 
Writing signatures is easy: you find the specific portion of a data packet you want the signature to trigger on and write it out using regex, so the sensor understands that when a packet matching that regex string comes through the sensor, to trigger a signature.
You can make a lot of money as an analyst too. Someone just offered my coworker a job in London, 2 months temporary but full accommodation paid + 600 a day.

They have junior positions in organisation to get you started, but there are lots of free IDS systems (such as Snort) which you can download and try.
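
The kind of regex signature described in the post above, as an added example that is not part of the original thread: a minimal Python matcher that runs two hypothetical signatures over constructed packet payloads. The SIDs, addresses, marker string and payloads are assumptions made up for illustration; a real sensor such as Snort uses its own rule language.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    sid: int             # signature id (hypothetical numbering)
    msg: str             # text shown to the analyst when it fires
    dst_port: int        # only inspect traffic going to this port
    pattern: re.Pattern  # bytes regex applied to the payload


# Hypothetical signatures, written for this example only.
SIGNATURES = [
    Signature(1000001, "Outbound HTTP POST carrying a classification marker", 80,
              re.compile(rb"\APOST\s+\S+\s+HTTP/1\.[01]\r\n.*\bCOMPANY[ -]CONFIDENTIAL\b",
                         re.DOTALL | re.IGNORECASE)),
    Signature(1000002, "Cleartext FTP password on the wire", 21,
              re.compile(rb"\APASS\s+\S+\r\n")),
]

# Constructed sample traffic: (src, dst, dst_port, payload)
PACKETS = [
    ("10.0.0.5", "203.0.113.9", 80,
     b"POST /upload HTTP/1.1\r\nHost: files.example\r\n\r\nCompany-Confidential: Q3 plan"),
    ("10.0.0.7", "203.0.113.9", 80,
     b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n"),
    ("10.0.0.8", "198.51.100.4", 21, b"PASS hunter2\r\n"),
    # Same marker over SMTP: no signature covers port 25, so nothing fires.
    ("10.0.0.9", "198.51.100.4", 25, b"Subject: company confidential\r\n"),
]


def inspect(packets, signatures=SIGNATURES):
    """Return (sid, src, dst, msg) for every packet that matches a signature."""
    alerts = []
    for src, dst, dport, payload in packets:
        for sig in signatures:
            # Port gate first, then the regex on the raw payload bytes.
            if dport == sig.dst_port and sig.pattern.search(payload):
                alerts.append((sig.sid, src, dst, sig.msg))
    return alerts


if __name__ == "__main__":
    for sid, src, dst, msg in inspect(PACKETS):
        print(f"[{sid}] {src} -> {dst}: {msg}")
```

The fourth packet shows the limit of signature matching: a sensor only alerts on what a signature was written to look for.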
 
I'll have to try out Snort this weekend, I just checked out their website - looks like fun to learn with!

Do you find that more of the work in network security is contracted versus full-time or does it depend on the company and the industry you work in? (Sorry if I am bombarding you with questions, but these are just things I'd love to hear from someone in the field).
 