I am very interested in pursuing a career in network security and computer forensics. What certfications should I be looking into to better help out in my newly found career path.Can anyone recommend a good starting point and also decents schools that could offer this major at a reasonable price in the WASHINGTON D.C area.

This is all my personal opinion, so do not use it as a law, and please no flaming.

I would recommend a 4 year undergraduate degree (read Bachelors of Science) in Computer Science. Unfortunately I am not familiar with the universities in the DC area so you will have to do that part of the research on your own. Shoot for an institution that is ABET accredited.

Beyond that you will need a lot of experience in lower level aspects of computers. This is time that you have to put in on your own. Expect a lot of hours at your computer, consistently. It's one thing to read papers or case studies, but doing it yourself starting from scratch on a live case is very different.

Start by hacking into your own boxes, install a rootkit or two, and then try to track everything down. As you progress, consider setting up a honeypot, and perform forensics analysis on that.

Certifications in general are questionable. I know people who have a handful of certifications, but really lack intelligence and common sense. Others I know have no certifications and are some of the brightest people I know. Certifications only prove that you can memorize a set of facts for a small period of time. They may help you to get a job, or they may not.

We have in our crew 2 guys graduated from computer science. They know naught beyond Microsoft Windows and programming on MS Visual Studio. Just shame. And we have also 1 guy who's genius in hacking and cracking without degree. Self study is very important indeed. I believe if you follow the advice of previous poster about starting the hacking experience with your own boxes, you'll reach much higher in technique and knowledge than uni. Uni will though give you official academic degree for future employment

I have an associates in information systems pushing for a bachelors in information systems with a minor in network security at my current university but I am not happy with the classes and location. As far as setting up a honeypot, what level should I have my security setup on my linux honeypot and what is your opinion about honeywall cdrom package? and how can I get my foot in the door from being an administrator into network security? thanks

Would your undergraduate degree in IS be a bachelor of science? At my school, the IS majors are not cut out for careers in IT. Hiring an IS major from my school is regrettable 99% of the time. This leads me to (unfairly) draw a similar conclusion for other schools. What you want is a bachelor of science.

are there universities or college that anybody anybody may no of in the Washington D.C area. thanks

Computer security really is a hands on skill. here is my suggestion:


1. Get a position doing some sort of software or application development. This will FORCE you to know the inside and outs of the OS, TCP/IP and networking. After you have some solid fundementals, start looking for a system administrator position. Jr unix admin or something .


Certifications are cool if you use them right. I know lots who just want them so their signature looks good.

I am currently a systems admin. I guess I would need to concentrate more so on the application development side and take it from there. thanks

You should get a CISSP cert, not for the title but for the contacts.