Posts Tagged: cyber weapons


17
Jul 12

How to Break Into Security, Bejtlich Edition

For this fourth installment of advice columns aimed at people who are interested in learning more about security as a craft or profession, I reached out to Richard Bejtlich, a prominent security blogger who last year moved from a job as director of incident response at General Electric to chief security officer at security forensics firm Mandiant.

Bejtlich responded with a practical how-to for a security novice looking to try on both attacker and defender hats. Without further ado…

Bejtlich: Providing advice on “getting started in digital security” is similar to providing advice on “getting started in medicine.” If you ask a neurosurgeon he or she may propose some sort of experiment with dead frog legs and batteries. If you ask a dermatologist you might get advice on protection from the sun whenever you go outside. Asking a “security person” will likewise result in many different responses, depending on the individual’s background and tastes.

Rather than try to devise a thorough curriculum that provides balanced coverage of the dozen or more distinct disciplines that one might call “digital security,” this article covers one aspect: magic. More specifically, this advice strives to dispel the notion that digital security is a realm where only magicians can perform superhuman feats involving computers and data. Rather, the point is to provide a way for beginners to get a feel for convincing a computer to take actions probably not expected by its original programmers. For those with a more technical inclination, the article provides a means to watch what is happening at the network level.

Continue reading →