1,525
online users
thotties       tv/movies       gaming       gear       tech       guap       rides       eats       health       bxwf       misc

Cyber Security For Beginners: Network Attacks



more
ADVERTISEMENT
 
topics gone triple plat - Number 1 spot 3X PLAT



section  1   0 bx goons and 1 bystanders Share this on Twitter       Share this on Facebook
 

section tech
  

 3 years ago '20        #1
34466 page views
71 comments


OrganizedChaos  topics gone triple plat - Number 1 spot x1
avatar
Props total: 5744 5 K  Slaps total: 350 350
Cyber Security For Beginners: Network Attacks
 

 
YT

YT

YT

YT

YT


The OSI Model: ↪ https://cybercoastal.com/ .. the-osi-model/

Denial of Service (DoS) Guide For Beginners: ↪ https://cybercoastal.com/ .. e-dos-attacks/

Footprinting Fundamentals: ↪ https://cybercoastal.com/ .. -fundamentals/

MAC Addressing: ↪ https://cybercoastal.com/ .. ac-addressing/

IP Addressing: ↪ https://cybercoastal.com/ .. ip-addressing/


Last edited by OrganizedChaos; 10-24-2021 at 10:24 AM..
+47   



icon
best
icon
worst
71 comments

 3 years ago '17        #2
Mamluke13 
Props total: 4385 4 K  Slaps total: 948 948
Hellboundhackers,org is pretty good and practicing packet tracer
+12   

 3 years ago '16        #3
AfroBucks88  topics gone triple plat - Number 1 spot x9
Props total: 167139 167 K  Slaps total: 5322 5 K
emoji
thanx

 3 years ago '08        #4
Riley11 
Props total: 2389 2 K  Slaps total: 1008 1 K
Anybody actually working in infosec?
+6   

 3 years ago '20        #5
OrganizedChaos  topics gone triple plat - Number 1 spot x1 OP
Props total: 5744 5 K  Slaps total: 350 350
 Mamluke13 said 🔗
Hellboundhackers,org is pretty good and practicing packet tracer
Hell yeah, I use it myself
+2   

 3 years ago '04        #6
eazyvaboy  topics gone triple plat - Number 1 spot x14
Props total: 59256 59 K  Slaps total: 2693 2 K
emoji
+2   

 3 years ago '04        #7
eazyvaboy  topics gone triple plat - Number 1 spot x14
Props total: 59256 59 K  Slaps total: 2693 2 K
 Riley11 said 🔗
Anybody actually working in infosec?
I work in Cyber and have taught various graduate Cyber classes at a few universities.

To clarify, I don't work in the Cyber group at my company but I am the Cyber rep and POC to he ISSO for our projects. I do development and manage our Systems cloud deployment team but I also am responsible for most of our Cyber stuff for our projects.

I have to mitigate any vulnerabilities on our stuff after security scans. We do Nessus on the front end and Guardium on the back end. I have to do hardening and least privileges checks on all of our stuff ahead of our schedule audits and on the quarterly runs. I run the DR scenario planning and tests and complete our security control assessments and checks.

Worst part of it is I have to be on the summer jam screen with the auditors when they do scheduled and surprise security audits.

Like


+26   

 3 years ago '17        #8
Timmy 
Props total: 833 833  Slaps total: 94 94
Im in cyber security. I have run several SOCs and VATs. Now I'm a program manager for a cyber operation. Cyber futures are very bright and companies are desperate for people.

If you want to get a foot in the door there are a couple of paths.

No matter what, Start with a network plus cert. It explains how a network works. Then get security plus.

To get into SOC start by taking splunk fundamentals 1. It's free through splunks webpage. Study phishing and command and control (c2).

To get into vat, learn security center/acas/nessus (all basically the same thing).

I'm hiring people right out of school at 75k. Top range is 200k. Educate yourself and it will be worth it
+50   

 3 years ago '14        #9
MrBojangles 
Props total: 175 175  Slaps total: 4 4
Anybody here do pen testing?


Last edited by MrBojangles; 08-21-2021 at 11:39 PM..
+3   

 3 years ago '17        #10
Mamluke13 
Props total: 4385 4 K  Slaps total: 948 948
If yall have info on tech and hiring reach out to the black authority on Twitter
+3   

 3 years ago '15        #11
The South 
Props total: 41615 41 K  Slaps total: 5255 5 K
 Timmy said 🔗
Im in cyber security. I have run several SOCs and VATs. Now I'm a program manager for a cyber operation. Cyber futures are very bright and companies are desperate for people.

If you want to get a foot in the door there are a couple of paths.

No matter what, Start with a network plus cert. It explains how a network works. Then get security plus.

To get into SOC start by taking splunk fundamentals 1. It's free through splunks webpage. Study phishing and command and control (c2).

To get into vat, learn security center/acas/nessus (all basically the same thing).

I'm hiring people right out of school at 75k. Top range is 200k. Educate yourself and it will be worth it
Props for giving people the path.
emoji
+4   

 3 years ago '09        #12
Troop 
Props total: 1379 1 K  Slaps total: 56 56
 MrBojangles said 🔗
Anybody here do pen testing? I want to tr@nsition from SDE to red team. Already have sec+, cybersec masters in progress, and been practicing HTB. Trying to decide what's next OSCP, GPEN, or CEH?
Start with this if you wanna do red teaming

↪🔗

Then combine this training with INE’s junior pen-testing course. Once you finish these do INEs professional pentesting course. Then you should be ready for OSCP. CEH is a joke imo, just an HR gateway cert and GPEN isn’t that in depth, but is a great course, just way too pricey for no reason. I’m a 12 year cyber vet, did IR, malware analysis for 6 years and currently a blue team operator.

Like a poster said above though, if you don’t have a strong networking / Linux background, it’s best you learn these essentials first. Some python / bash scripting knowledge helps too.


Last edited by Troop; 08-19-2021 at 08:31 AM..
+6   

 3 years ago '10        #13
lboog1423  topics gone triple plat - Number 1 spot x1
Props total: 53951 53 K  Slaps total: 3934 3 K
Damn I needed this thread. I want to make the move into networks in the next few years
+6   

 3 years ago '20        #14
archimedes 
Props total: 11 11  Slaps total: 1 1
 Timmy said 🔗
Im in cyber security. I have run several SOCs and VATs. Now I'm a program manager for a cyber operation. Cyber futures are very bright and companies are desperate for people.

If you want to get a foot in the door there are a couple of paths.

No matter what, Start with a network plus cert. It explains how a network works. Then get security plus.

To get into SOC start by taking splunk fundamentals 1. It's free through splunks webpage. Study phishing and command and control (c2).

To get into vat, learn security center/acas/nessus (all basically the same thing).

I'm hiring people right out of school at 75k. Top range is 200k. Educate yourself and it will be worth it
can confirm, DFIR/Malware analyst and SIEM engineer here. at least in my region, talent pool is thin. hella understaffed. dudes dropping gems.

i cannot stress this enough. learn how a network works. learn at least cursory linux/unix. CEH looks good to HR but doesnt really go in depth (i let mine expire) but if you have no security background and know enough networking and linux, its a good first csec cert along with sec+ to get an idea of how it all works.
+5   

 3 years ago '17        #15
Timmy 
Props total: 833 833  Slaps total: 94 94
Agree, I have a ceh. It's kinda garbage. It's just a tools review and a lot is antiquated.

Linux is awesome to get into engineering. Putting that on your resume will get you interviews.

 3 years ago '08        #16
Riley11 
Props total: 2389 2 K  Slaps total: 1008 1 K
Impressive ! I’m in a boot camp readiness program at a university right now learning about securing information and protecting the network for threats from the inside and outside. Very interesting stuff I just drift off on the subjects concerning compliance laws and all the basic fundamental beginnings . After I’m done with this program I’m testing for CySA+
Security+ Network+ …..that being said are those certs enough to land a decent entry level in IS?

 Timmy said 🔗
Im in cyber security. I have run several SOCs and VATs. Now I'm a program manager for a cyber operation. Cyber futures are very bright and companies are desperate for people.

If you want to get a foot in the door there are a couple of paths.

No matter what, Start with a network plus cert. It explains how a network works. Then get security plus.

To get into SOC start by taking splunk fundamentals 1. It's free through splunks webpage. Study phishing and command and control (c2).

To get into vat, learn security center/acas/nessus (all basically the same thing).

I'm hiring people right out of school at 75k. Top range is 200k. Educate yourself and it will be worth it

 3 years ago '08        #17
Riley11 
Props total: 2389 2 K  Slaps total: 1008 1 K
I’m studying networks right now within a boot camp 12 week program at a university, they put heavy stress on compliance from what I’m learning. I really want to get into the field , what is most important to focus on from
What you learned because I feel like most schools throw on extra info you won’t even use but I can’t dissect that part. I’ve run wireshark and Nmap plus Nessus with instruction but don’t remember all the commands to do it on my own for example .
 eazyvaboy said 🔗
I work in Cyber and have taught various graduate Cyber classes at a few universities.

To clarify, I don't work in the Cyber group at my company but I am the Cyber rep and POC to he ISSO for our projects. I do development and manage our Systems cloud deployment team but I also am responsible for most of our Cyber stuff for our projects.

I have to mitigate any vulnerabilities on our stuff after security scans. We do Nessus on the front end and Guardium on the back end. I have to do hardening and least privileges checks on all of our stuff ahead of our schedule audits and on the quarterly runs. I run the DR scenario planning and tests and complete our security control assessments and checks.

Worst part of it is I have to be on the summer jam screen with the auditors when they do scheduled and surprise security audits.

Like



 3 years ago '04        #18
eazyvaboy  topics gone triple plat - Number 1 spot x14
Props total: 59256 59 K  Slaps total: 2693 2 K
 Riley11 said 🔗
I’m studying networks right now within a boot camp 12 week program at a university, they put heavy stress on compliance from what I’m learning. I really want to get into the field , what is most important to focus on from
What you learned because I feel like most schools throw on extra info you won’t even use but I can’t dissect that part. I’ve run wireshark and Nmap plus Nessus with instruction but don’t remember all the commands to do it on my own for example .
Sorry in advanced for the long winded explanation but want to make sure I answer your question correctly like I wish someone would have answered it for me long ago.

First, don't worry about not remembering all of the wireshark or Nessus commands. Even if you were doing it at a gig, you wouldn't need to know them all by heart. You would eventually start doing it so much, you would eventually start remembering them and knowing it by heart as a result. It's really not like how you think. If you get a job in it, they only want to make sure that you have done it and that you have an understanding of what you're doing and that you can come in and get to work. That's all.

Bruh, the thing to understand about Cyber is there are a lot of different disciplines just within Cyber. I have some homies that been in Cyber for a decade and only have focused on policies and controls.

I know other people that have only done pen tests and vulnerability analysis and don't understand certificate structures and revocation.

For example, you could do:

Forensics – investigative analysis to gather and preserve evidence for people doin while sh!t on a machine or to see what actions have taken place. You got people going to law school now and also getting certs and getting into this sh!t. it is crazy!

Disaster Recovery and Contingency Planning – performs planning and test how organizations deal with disasters. I have to do a lil of this.

Information Security Auditing – examining the organization's practices and procedures, controls, protection mechanisms, physical security. I have to do a lil of this.

Software Assurance or Security Engineering - Secure coding practices and testing.

Test and Analysis - Checking new software and hardware and other technologies for weaknesses and against current policies. I just went through this last month. we wanted to integrate a 508 accessibility tool into our pipeline called DeQue Axe but they couldn't provide evidence or a statement that they were IPv6 compatible so our cyber team put a nix on it and said it introduces a vulnerability to that segment of the network.

Cryptanalysis and Cryptography – involves the creating, protecting, or breaking of ciphers and discovering any features or hidden parameters of an information system. With Crypto, NFTs, and block-chains, this segment is blowing up on the low. Plus traditional financial institutions are about to block-chain it up.

Information Security Policy and Planning – creating, updating and maintaining the information security policies. I do a lil of this.

Vulnerability Analysis and/or Pen testing - Conducting assessments of threats and vulnerabilities. I do a lil of this.

So there are some of the different responsibilities that Cyber practitioners have. Depending on the size of your organization, you may have one or more people performing multiple roles. I’ve worked in large organizations where you have a separate section responsible for each of these role.

All this is to say, don't sweat not knowing everything. It's like getting into IT. Get a good foundation and get your foot in the door. Once you learn the different lanes, you'll gravitate to something more specific.
+12   

 3 years ago '17        #19
Timmy 
Props total: 833 833  Slaps total: 94 94
It's enough to get an interview for sure. I'm in Dc and if you can get all that, actually retain the knowledge and find a company willing to sponsor you for a security clearance, you will never have to worry about a job again.

Can't lie, I hate policy too. Second people start talking policy I go to sleep.
+1   

 3 years ago '08        #20
Riley11 
Props total: 2389 2 K  Slaps total: 1008 1 K
Man much appreciate all of this….literally was just refacing and took a quiz over BC/DR RIGHT before I got back on here….so tell me….I don’t have a degree and I’ll only have certs. I’ll be able to get jobs just based on that ?
 eazyvaboy said 🔗
Sorry in advanced for the long winded explanation but want to make sure I answer your question correctly like I wish someone would have answered it for me long ago.

First, don't worry about not remembering all of the wireshark or Nessus commands. Even if you were doing it at a gig, you wouldn't need to know them all by heart. You would eventually start doing it so much, you would eventually start remembering them and knowing it by heart as a result. It's really not like how you think. If you get a job in it, they only want to make sure that you have done it and that you have an understanding of what you're doing and that you can come in and get to work. That's all.

Bruh, the thing to understand about Cyber is there are a lot of different disciplines just within Cyber. I have some homies that been in Cyber for a decade and only have focused on policies and controls.

I know other people that have only done pen tests and vulnerability analysis and don't understand certificate structures and revocation.

For example, you could do:

Forensics – investigative analysis to gather and preserve evidence for people doin while sh!t on a machine or to see what actions have taken place. You got people going to law school now and also getting certs and getting into this sh!t. it is crazy!

Disaster Recovery and Contingency Planning – performs planning and test how organizations deal with disasters. I have to do a lil of this.

Information Security Auditing – examining the organization's practices and procedures, controls, protection mechanisms, physical security. I have to do a lil of this.

Software Assurance or Security Engineering - Secure coding practices and testing.

Test and Analysis - Checking new software and hardware and other technologies for weaknesses and against current policies. I just went through this last month. we wanted to integrate a 508 accessibility tool into our pipeline called DeQue Axe but they couldn't provide evidence or a statement that they were IPv6 compatible so our cyber team put a nix on it and said it introduces a vulnerability to that segment of the network.

Cryptanalysis and Cryptography – involves the creating, protecting, or breaking of ciphers and discovering any features or hidden parameters of an information system. With Crypto, NFTs, and block-chains, this segment is blowing up on the low. Plus traditional financial institutions are about to block-chain it up.

Information Security Policy and Planning – creating, updating and maintaining the information security policies. I do a lil of this.

Vulnerability Analysis and/or Pen testing - Conducting assessments of threats and vulnerabilities. I do a lil of this.

So there are some of the different responsibilities that Cyber practitioners have. Depending on the size of your organization, you may have one or more people performing multiple roles. I’ve worked in large organizations where you have a separate section responsible for each of these role.

All this is to say, don't sweat not knowing everything. It's like getting into IT. Get a good foundation and get your foot in the door. Once you learn the different lanes, you'll gravitate to something more specific.
+2   

 3 years ago '04        #21
eazyvaboy  topics gone triple plat - Number 1 spot x14
Props total: 59256 59 K  Slaps total: 2693 2 K
 Riley11 said 🔗
Man much appreciate all of this….literally was just refacing and took a quiz over BC/DR RIGHT before I got back on here….so tell me….I don’t have a degree and I’ll only have certs. I’ll be able to get jobs just based on that ?
Yes, in cyber, you will definitely be able to get a job by just having certs and not having a degree. Most people making good money that I know doing that have, at least, a CISSP. I have degrees but I know a grip of people in it without a degree.
+5   

 3 years ago '20        #22
OrganizedChaos  topics gone triple plat - Number 1 spot x1 OP
Props total: 5744 5 K  Slaps total: 350 350
 eazyvaboy said 🔗
Yes, in cyber, you will definitely be able to get a job by just having certs and not having a degree. Most people making good money that I know doing that have, at least, a CISSP. I have degrees but I know a grip of people in it without a degree.
I agree 1000%.
+3   

 3 years ago '15        #23
kami  topics gone triple plat - Number 1 spot x6
Props total: 67826 67 K  Slaps total: 27320 27 K
 eazyvaboy said 🔗
Yes, in cyber, you will definitely be able to get a job by just having certs and not having a degree. Most people making good money that I know doing that have, at least, a CISSP. I have degrees but I know a grip of people in it without a degree.
Is 29 too old to get in this?
+1   

 3 years ago '04        #24
eazyvaboy  topics gone triple plat - Number 1 spot x14
Props total: 59256 59 K  Slaps total: 2693 2 K
 kami said 🔗
Is 29 too old to get in this?
Absolutely not! If you get your first cyber gig entry level, that can easily be finessed into 6 figures within 4 or 5 years depending on where you live and that's being conservative.

It may not seem like it but everyone should remember that Cyber is still a relatively new field in the grand scheme of thing. In the 90s, online pr0n companies were kinda the traiblazers for protecting data because they were some of the only companies that had a ton of online content for sale that they needed to protect.

The federal government didn't create FISMA (Federal Information Security Management Act) to secure federal information until after the Sep 11th attacks and at that time, it was just a little side bar act of the overall EGovernment Act.

Cyber is not to the point yet where you will meet a ton of people that exist and can say, I been in Cyber for 30 years. So if you get in it now, you will feel right in the mix in about 5 years or so.
+9   

 3 years ago '20        #25
OrganizedChaos  topics gone triple plat - Number 1 spot x1 OP
Props total: 5744 5 K  Slaps total: 350 350
 kami said 🔗
Is 29 too old to get in this?
Lol definitely not bro, trust me you'll still be a youngin' in this field. Many people get into to cyber MUCH older.

Most people I've worked with in Cyber took untraditional routes to get where their at so people get into the field at a variety of ages (usually "older").


Last edited by OrganizedChaos; 08-21-2021 at 07:37 AM..
+6   

say something...

ADVERTISEMENT
Sign me up
 
 

yesterday...


most viewed right now
props+8111
Image(s) inside Damn she living like that
125 comments
2 days ago
@wild'ish
most viewed right now
9
logo LeBron gets called out for stat padding
99 comments
1 day ago
@sports
most viewed right now
props-275
Image(s) inside The difference between a 30 year old in the 80s vs 2024
35 comments
2 days ago
@wild'ish
most viewed right now
props+1352
Video inside Rozay shouldve kept quiet..
176 comments
2 days ago
@hiphop
back to top