Ell on Infosec - Mastering the Basics
Start with the 5 Pillars of Infosec: general computing, computer networking, scripting and programming, Linux and MacOS, and Windows.
Jun 08, 2023 • 8 Minute Read
Ell Marquez is a self-described scientific hooligan, infosec noobie, and recovering Linux Administrator. As the creator of the It’s Okay To Be New campaign, she hopes to encourage others to circumvent gatekeeping while enjoying their journey into the land of technology. “I want to be in the cybersecurity field like you!” I used to tell my friends. At the time, I had no idea I was about to embark upon one of the hardest endeavors I’ve ever tackled. Not because of the industry itself, but because of the overwhelming amount of technology involved. Thankfully, I’ve been lucky enough to have a tribe of hackers willing to help me find my footing. From my first infosec conference, this community has been the most welcoming group of people I’ve ever met, not only answering all of my questions, but taking the time to sit me down and walk me through exactly what they were talking about. Their generosity, their willingness to lift others up and bring them along, was a big part of what sparked my interest in cybersecurity in the first place. To thank my tribe and pay their efforts forward, I’ve decided to start this blog series, and invite you all to take this journey with me. The path may get rocky, and I’m sure to make missteps along the way, but I’ll share everything, bruises and all. If you take one thing away from this adventure, I hope it’s the idea that it’s okay to be new to something, to admit that you don’t know what you don’t know, and to be willing to ask for help.
But what do you want to do?
When I’d tell my friends I wanted to be in the cybersecurity field, I didn’t realize how wide open that statement was. It’d be like saying I wanted to pursue a career in medicine or education. Their answer was usually some form of, “great, but what do you want to do?” I soon realized that I didn’t know enough to even know how to answer them. So I reached out to the community, asking people what they did and how they got started. This ultimately became a large part of my work on Jupiter Extras. This is how I first encountered James Smith, a self-described back alley pentester, breaker of scripts, and Dungeons & Dragons enthusiast. Based on his description alone, he was definitely someone I needed to meet! During our time together, he mentored me on the importance of “mastering the basics”, as it would provide a solid foundation for whichever path I decided to take. As an instructor told his team during his time in the special forces, “we look special because we master the basics.”The five pillars
Mastering the basics sounds great, but which basics? For someone just starting out, even figuring out where to start can be overwhelming. James broke it down into the following five pillars. The first pillar was general computing. This includes subjects such as threads, processes, process trees, and memory (RAM). The second pillar was computer networking, with fundamentals like the OSI model, TCP/IP, subnetting, and VLANs. This pillar also contains what I consider more advanced topics, such as packet capturing and packet analysis. The third pillar? Scripting and programming. Here, James left open the choice of programming language, and I was thankful to see that he included BASH in this list. What can I say? I know a Python one-liner can do what I do in 20 lines of BASH, but I’m still proud I managed to write the script! The fourth pillar James laid out was Linux and MacOS. I’ll admit that I pushed back a bit here, arguing that the two operating systems, though both UNIX-based, should be separate pillars. His response? The same could be argued for many subsections on the list. Landing on five pillars is a bit of a subjective choice, and he told me if I wanted, I was welcome to craft the pillars that worked best for me. But I was able to breathe a sigh of relief with this one. Finally, a pillar where I had a strong foundation! Then he got to the fifth and final pillar — Windows. Gulp. In my conference talk, Confessions of a SysAdmin, I proudly stated, “I have never used Windows.” After looking at Microsoft reporting that there are over 900 million Windows devices currently active, this pillar has helped me realize all I was saying was, “I’ve been tackling this field with one hand tied behind my back.” Now, you might have noticed that none of these pillars directly relate to what many starting out in cybersecurity would consider part of the field. I mean, where’s the hacking!? But when we stop and really look at the pillars, we can understand why they were chosen. After all, what would we be defending or attacking? Operating systems and networks, perhaps? And how would attacks be carried out or warded off? Surely scripting would play a role? James has done an amazing job not only breaking down these pillars, but also providing a plethora of resources that can help you pave your own path. I would highly encourage everyone to read about the five pillars on James’ github. Then, take a few minutes to listen to our recent conversation on Jupiter Extras where we delve deeper into how to master the basics.From five pillars to three
Marcus J. Carey, an active member of the cybersecurity community and author of the Tribe of Hackers series, was also kind enough to offer his thoughts on mastering the basics. Marcus has a slightly different perspective as he likes to streamline things. The three pillars he teaches are system administration, internetworking, and software development — “and they all work together in the long run.” System Administration System administration is critical, Marcus says, because at the end of the day that’s where the data lives. “Big picture, the core concepts of different operating systems are the same. Windows certainly is different from UNIX/Linux-based systems, but the core principles of securing them are the same. I tell people to learn the Windows world and learn a flavor of Linux.” He also encourages people to learn scripting, or at least understand it on both branches. On the Windows side of things, you should know command line scripting, such as batch files, as well as advanced concepts like PowerShell. On UNIX/Linux, learn scripting and Python, as those are most used by system administrators. “Attackers ‘live off the land’,” explains Marcus. “They use built-in tools and programs for their nefarious purposes.” Mastering those tools yourself will help you understand their vulnerabilities and better prepare you to defend them from attacks. Internetworking “Security professionals should have a great understanding of how systems connect over the local network and internet,” Marcus continues. “Most targeted attacks are going to be over the internet, which means if you don’t understand the internet, you aren’t going to be the most prolific attacker or defender.” I see this as similar to my earlier reluctance toward Windows. You have to be deeply familiar with the space where attacks are occurring, or else you’re not going to be able to do much good at all. Software Development Marcus’ third pillar is software development. “It’s important to understand because software manages, stores, and transmits all the data we are trying to protect. So you must know system administration to secure software. You must also understand internetworking so you ensure that the data is transmitted securely.” Also, when security professionals and attackers write scripts and tools, they are actually developing software. Being competent in software development also allows us to help test and secure software as well. Ultimately, Marcus sees all three pillars working together “in sort of a triad or pyramid” of what a security professional should strive to master.Going on an adventure
So what did I do with my newfound knowledge? Simple — I decided to put aside my dreams of being just like my hacker family, and in true hacker spirit build my own path instead, one foundational stone at a time. Gone are the days of proudly announcing I’ve never used Windows. In fact, I’m writing this on a Windows machine, and even went so far as presenting on the same device at the South California Linux Expo (SCaLE). I was pleasantly surprised that no one booed or jeered. Actually, everyone was quite supportive of my journey. Currently, I’m studying for my Security+ certification so I can learn to navigate the alphabet soup of acronyms utilized in the security community. I’ve also joined a free Network+ study group that Marcus is leading — and he’s extended an invitation to all of you, as well. While the Network+ cert isn’t my top priority right now, the knowledge is definitely a foundational stone I wish to have. If you’re searching for the best way to start your journey, but you’re not sure this is the best place for you to start, that’s okay! Everyone travels their own path, and experiencing that has by far been the most enjoyable part of joining the cybersecurity community (or as I call them, my hacker family).Start a journey of your own
Wherever you are, whatever your skill level, A Cloud Guru has the goods to help you build modern tech skills and advance your career.