Well, things have been hectic around here to say the least. Got laid off in October, been in school 3 nights a week and job hunting all while working on web sites for a few clients.
I managed to get a call back and interview for 1 job so far. It was for a help desk position with Miles Technologies. Nice people, and a great opportunity, but I’m not quite sure I want to be a help desk technician. I’m sure I can handle the job and will learn a lot while on the job, but after the interview I realized I have been doing this sort of thing for years already, just not getting paid for it. What I mean by that, is that everyone in my family and friends always call me to help fix their computers, wether it be network related, virii, spyware, or just general help setting things up, like installing a new printer, scanner, upgrades, etc, I get stuck doing it. I also try to field a lot of questions on the Hak5 forums, as it helps me learn as well. Especially when I don’t know how to do something when a person has a question, I’ll take the time to research it on my own, just so I know how to do it in the future.
That leads me to my next big decision. I have been taking classes for networking, like Cisco and Microsoft, but I find that I really don’t like the MCSA/MCSE track. I hate exchange. Its the most retarded thing in the world, but a necessary evil in the corporate environment and something a lot of people get paid to support, just by itself. Help desk calls are sure to have some of these issues down the road, but what really interests me is the lan/network side of things and not so much the windows suite that runs on the network. Learning about how routers work and configuring them is much more fun than supporting 1,000 users in an Active Directory domain scenario. I’d much rather be learning how to break into these systems than supporting them because if I can get in, then I can learn how to defend against it as well, and that should come in much more handy(to me anyway) on the job than actually being the admin on the domain alone. If I can learn about the other side of things, I could probably get a job doing security, or at some point that I do make it as an Administrator of a domain, I know how to properly set things up and secure them in the process.
I find myself not only bored in my MCSA class, but angry with myself because I really need to pay attention and learn this stuff if I want to get any kind of decent paying job working on networks or system administration. But then there is that other side, the security end, breaking into and securing them against attacks, where I could care less about how Bob in accounting cant get his email, but more about, can I block Bob in accounting from getting that email all together, or social engineer Bob into opening a dangerous attachment that attacks the network. If I can do that, then I can learn how to protect against such attacks which would be more interesting to me and probably a lot more challenging than resetting Bob’s password for the umteenth time in one day because he cant seem to remember his password…
One of my clients that I work for is Offensive Security. The guys over at Offsec and Social-Engineer.org have been really good to me in the short time that I have known them. Its going on almost 2 years now I guess that I have been doing their web sites and misc projects for them, and they are always encouraging me to take one of the offsec classes. I think after I get done with my MCSA class, I am going to devote all of my spare time to brushing up on my Linux and then start taking the Offsec courses. I think that with those under my belt it will really help me to grasp the whole ball of wax that is networking in general and the aspects of administration and security, and how they all work together. Its one thing to follow instructions in the book for the MCSA stuff, but another thing to understand it and know how to fix things that are by nature, not a flaw, but “a feature” of all things in the world of windows…