I see you also have security credentials in your sig. Would you care to elaborate?
Hmmm... Security?
In my sig, I only mention the CCSP or Cisco Certified Security Professional aka CCNP + Security.
I've had these credentials since starting with Cisco's Managing Cisco Network Security back in like 2001 or so.
So...
What do I do or better yet what have I done in the Security space?
Good question.
On the corporate level in today's networks I do a lot of the following:
1. Firewall Administrator - Manage access to or from the network.
Network Address Translation
Firewall Auditing - Simple things like making sure logging is enabled and working properly and time synchronized is a biggie.
SNMP has to be enabled and working as desired.
Performing Packet Captures and utilizing the information obtained to help resolve simple to very complex issues in the network - slowness, lost packets, runts/giants, CRC errors, various flags, TCP retransmissions, etc. Simple can we get there (from here or there, wherever that may be), etc.
Lots of ARP, TraceRoute, and PING for example.
VPNs - Mostly every type of VPN - gotta have access
Authentication - 2-Factor, RSA, PKI, AAA, Local, etc.
Password Rotations
All this leads me to the ACS Server or the given RADIUS Server to pass the credentials to the Domain like the Active Directory or Novell Directory Services, etc.
Guest Wireless Access - We find this an anchor WLC in the DMZ and of course this falls into my domain too. So I configure it, maintain it, and operate it.
My work with VPNs can be quite interesting. So I ensure people know I do this.
Load Balancing comes into play with my work in the DMZ or Data Center.
Everything comes down to knowing binary and how to apply access lists to everything. QoS, Route-Maps, Distribute-Lists, etc.
---------
On the flip side - I'm an old (now) MCSE 2000 and 2003 + Security.
This means I'm certified, experienced, and qualified with Microsoft.
I had to know quite a bit about domains, permissions, rights, etc.
So I did that.
My Microsoft/Unix/Linux/Novell Admin Jobs were mostly migrating Novell, Unix, and Linux to a Microsoft platform.
I'm trained as a Microsoft DBA to some extent and I was hired on contract to learn how to use Crystal Reports, Design some Reports, Optimize them, and then teach it...
Not bad work for about $150.00 per hour if you have the time for it.
Not my thing.
But I learned a bit about databases and security that way. My goal was learning quite a bit about how to keep the data and access it for my security goals. I exceeded my goals.
--------
I also do Intrusion Detection and Intrusion Prevention.
I have performed Forensics Investigations successfully for the F.B.I. which have resulted in convictions.
I have served as an expert witness for various aspects of Security.
--------
I have survived various audits and have created rock solid security designs which have survived a few PCI Audits.
I use DNS and DHCP in the scope of Security right along with the rest of it.
I'm a Sniffer Certified Master - like Professor Messer for example.
I use a lot of tools pretty easily.
I found knowing E-Mail Systems to be very helpful, so I was a Lotus Notes Email Admin, GroupWise Admin, Sendmail Admin, and finally... I got certified as an MCSE 2000/2003 + Messaging.
Nice!
This is all still in the realm of security.
I've gotten paid about $12,000.00 to clean up behind Nimda and Code Red and ended up fixing Proxy Servers and the associated Exchange E-Mail Servers too.
I've had to fight off hackers and by doing this I had to rebuild Exchange and SQL Servers - various types of SQL Servers.
I've had to take over e-mail accounts and basically hack into them to do what I had to do.
I've had to take over botnets - TK Worm was my first.
I've had to learn all about the POSIX file systems and become familiar with the NT WARDOC by Rhino9, etc.
Buffer Overflow Exploits were kewl once upon a time.
Rainbow Tables at another time.
Media Server hacking - I've had to take them back.
Hunting down distributed worms over a network and putting the pieces back together - done it.
Quite a list...
I've had to take out Facebook and PayPal from a certain wannabe "terrorist operation", followed by a very coordinated DoS on the site and forum of the folks who were responsible for the issue at hand.
More stuff...
I've been paid for "proof of concept" stuff related to emails, dates, and proving it for court cases.
I've had to prove or disprove people were hacking.
I've hunted down child sex offenders.
I've had to help develop a coordinated "Castle Defense System" network design.
The list goes on and on...
Over the years I've done a lot of Security related tasks.
In my job as a Network Specialist - I get asked to take over networks.
So I perform a network assessment and then I proceed to hunt down the File Servers (SMB/TFTP/FTP/etc.) and then I take them one by one, then I use the information to leverage my take-over of the network.
After that I take out the network elements.
I may use buffer overflow exploits or password crackers to take out other elements of the network.
Sometimes I take over via wireless.
I then establish command and control over the network.
Then I proceed to take root wherever needed.
It doesn't take long before I have administrative access to the majority of the network or know what I don't have.
SQL Server has its weaknesses so I take the helm there too if asked.
The list goes on and on...
I could write about this for days and days really.
Does this help a little?
Comblues