Re: Hello

From: Kevin C McCarty (kmccart6@csc.com)
Date: Mon Dec 09 2002 - 12:42:42 GMT-3

Gentlemen,

I would like to reply to the general thread of Chucks points on security
and what to "learn" . I do this everyday, all day, at many sites
around the globe. I can't stress enough learning the underlying points of
how holes begin and why. This starts from a system level run by humans,
in a language that is compiled and forms an OS. This is where the
learning starts, use the programs Nessus, Nmap, and Snort, learn why the
C or C++ code is allowing buffer overflows. Don;t take the separtist
approach of wrapping up poorly formed objects and spewing them down a
tunnel that is called secure. I tell you this: Finding an encrypted
hacker is VERY hard. All of you are extremely intelligent and are to be
commended on where you are in learning the Cisco CCIE path. But there is
much more, and quite frankly, Cisco is kind of late on the scene, so in my
humble opinion learn some assembler (Intel), some c, some c++, intrusion
signatures, forensics, join the SANS list and check out their Cert
offerings.

All have a fine day.

Thanks--

Kevin McCarty

Computer Sciences Corporation
Defense Sector

"Obstacles are those annoying little bumps that occur when you take your
eyes off your goals"

Henry Ford

Paul Jin <pauljin
@yahoo.com>
Sent by: nobody
12/08/2002 01:11 PM
Please respond to Paul Jin

 
        To: Chuck Church <ccie8776@rochester.rr.com>, "Brian T. Albert"
<brian.albert@worldnet.att.net>, Security <security@groupstudy.com>
        cc:
        Subject: Re: Hello

Yup, I think these little 501s are pretty much all you need. The only
other thing
it cannot do, in addition to adding interfaces for DMZ is failover.

And for these 2 things, you can just borrow the remote labs and practice
only
when you need to.

- Paul
 Chuck Church <ccie8776@rochester.rr.com> wrote:Right now I'm reading
through the MCNS book, which seems pretty good. Once
I get my hands on a W2K server disk, I'm going to start playing with ACS,
Radius, Tacacs, etc. Also thinking about buying a PIX 501, as it seems to
do everything the bigger ones do, with the exception of DMZ interfaces.
NLI/CCBootcamp has a sample security lab on their site, looks decent.

Chuck Church
CCIE #8776, MCNE, MCSE

----- Original Message -----
From: "Brian T. Albert"

To: "Chuck Church" ; "Security"

Sent: Sunday, December 08, 2002 11:34 AM
Subject: RE: Hello

> Hi Chuck,
>
> I am also a R/S guy and will pursue a Security CCIE. Right now I am
going
> about it informally by reading the Cisco Security books and whatever I
can
> find on Cisco's web site. I am using my R/S lab at home and building my
own
> labs, IPSec tunnels, Pix, ACS, etc. Eventually I will look at purchasing
> some lab scenarios, maybe from Hello Computers. What do you think your
> approach will be? If there are any guys in Chicago who would like to
study
> together for CCIE Security, contact me offline.
>
> Thanks
>
> Brian T. Albert
> CCIE #9682
> brian.albert@worldnet.att.net
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Chuck Church
> Sent: Saturday, December 07, 2002 10:17 PM
> To: Security
> Subject: Hello
>
>
> All,
>
> I just thought I'd introduce myself. I'm thinking pretty hard about
> going for the CCIE Security. My current CCIE is R&S. Haven't seen any
> messages since I joined yesterday, just wondering if there's many people
on
> this list.
>
> Thanks,
>
> Chuck Church
> CCIE #8776, MCNE, MCSE
.
---------------------------------
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now
.

This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:42 GMT-3