You don't want to go to college? Not even community?

My cousin got her CS degree and now works IT as a manager at Cisco. $$$$$

>>34728270 (OP)
Read tanenbaum for starters.

I suppose I too, am interested in that career path.

Learn about fundamentals of networking, OSI model, TCP/IP model.

Learn about networking hardware, and protocols.

Learn about the basics of cryptography, also indulge yourself in networking concepts.

Layered Security, Security in depth, how to secure edge equipment.

I would watch/listen the "TechSNAP" podcast on the jupiterbroadcasting youtube channel. Allan Jude is a co-host and is extremely knowledgeable of networking and security. The podcast his saturated in knowledge, terminology and networking stories. You may not understand what they are talking about, but it's best to inundate yourself with the lingo and learn something truly valuable for the intended field you wish to strive in.

OP, we need a telescope

>>34728574
wot

>>34728863
that picture
gotta find my sides

I work a network security + incident response job, so I can probably give you some real advice.

1. There are fucktons of resources on the internet. You do not need to be a genius or a savant to self-teach via the internet. I'd highly recommend the /r/netsec sub-lebbit. Some good resources there.

2. If you do go to a university, often they have majors specifically for information security. If they don't, computer science and related majors will often have many networking and security courses. Or at least they should.

3. Many universities have network security extracurricular clubs. The people who join these clubs are usually experienced as fuck and incredibly talented and skilled in the field. Seek out such clubs and learn from those people. Befriend them if you can.

If you want a curriculum, I would say first get a good grasp of networking, and then get into security concepts. Other than that the order of things doesn't really matter.

>>34729058
>>34728429
Thanks, guys. I appreciate the response. Going to check all of this out now.

In addition to other things posted in this thread, a solid base of OS theory, typical exploitation vectors and their mechanics, malware persistence and communication techniques, and vulnerability discovery (fuzzing) would be a necessity to get into a good security career.

Of course, I think you should get really good at reverse engineering too, but I'm a little biased.

You can definitely get into the security careers without a degree, it just takes a lot of time because you typically have to prove yourself more than someone with a degree.

>>34730299
I agree with you.

He specifically mentioned network security, but anyone in the security field should be at least a little experienced with programming, OS internals, reversing, debugging, and malware analysis. And they should at least know the core concepts behind exploit finding, exploit development, and exploit delivery (else how could they ever work on defending against it?).

>>34730380
I interpreted "networking/security" as either networking or security.

I think anyone in the security field should be more than a little experienced in programming. For the most part, the days of easy stack based buffer overflows are gone. If one is going to be a security expert, a strong understanding of native programming, along with exploit discovery/weaponization/delivery is absolutely necessary.

I honestly don't see how anyone can even think about getting a job in security without knowing at least x86 assembly, if not ARM and MIPS.

>>34730474
Security is a very diverse field.

I do incident response and general perimeter defense for a large company, and there really is very little need to know x86 assembly. On a day-to-day basis, you are not going to be reversing anything.

Not to mention all the web app security jobs out there. Hell, even pentesters don't need to write their own exploits (though many do). And then there are the people who just write tools and products and scripts all day...

I do know x86 and enjoy reversing, and I think a strong ability to program, find exploits, and reverse engineer is what separates the skilled from the unskilled. You don't need that knowledge to get a decent paying job though.

>>34730607
Yea, I guess thats true. It just seems like pentesting/defense would be really uninteresting. They also don't seem to pay that much.

I'm sure a person can do just fine in those jobs, but it seems to me like it would be better to just get really good and do something more interesting.

Thats me though.

>>34730695
>It just seems like pentesting/defense would be really uninteresting. They also don't seem to pay that much.
They can pay really well. Pentesting in particular.

Probably not quite as much as native code exploit devs on average, though.

That's my job at the moment and I do plan on moving into application security stuff eventually. I don't really find it boring, though. You get to see what cybercriminals are doing worldwide every day, and counter them.

>>34730758
Thats good to hear, my short experience with pentesting was boring and low paying.

I really love application security and exploit/vulnerability analysis though. I can't see myself doing anything else.