NOOB Sysadmin Question

[sebrown]

Hello all,

Sorry if this might be in the wrong section, the "Questions" seemed to be more for technical based questions where as this is more of a general how to about become a 'sysadmin'

I've been around computers all my life and a web designer now for 5 years, mostly front end stuff with some php/javascript background. Recently the past year I've started to become more interested in the Networking technology and administration aspect of the web. Listening everyday to countless podcast like Security Now, PaulDOTcom, and especially Hak5 really gets me in the mood to put down my shiny Mac Book Pro, dust of my 3ghz P4 box and get down with some SHELL/UNIX commands or get root access some foreign server, but then Im quickly reminded im just a noob and I don't know any of this cool shit.

I guess the question Im trying to pose is: where do I start with all this? Id love to have the ability to run a basic web server, maybe learn some Shell or do some PEN testing, but its all so overwhelming at this point I don't know where to start. Deep packet inspection, PEN testing, Root scripting are all things I'm interested in, how can I get better understanding of such things without dragging my ass back to college?

Any and all advice would be greatly appreciated.

[VaKo]

Pen testing is vastly overrated by legions of teenage "security experts", and in reality unless you are good (and I mean *Good*) it will do nothing for you career wise. What you should concentrate on is learning how things work, and how you keep them working. Get yourself an spare system and start with one of the *nix distro's that are less hand-holdy, personally I like FreeBSD as it taught me the concepts behind the os, and had just the right balance between being well documented and hard enough to make me reinstall 20 times in the first month. Someone will jump in and go "Ubuntu!" but this will teach you very little other than how to search the ubuntu forums for step-by-step guides. If you want to use linux over BSD, stick with something like Debian or Red Hat. Red Hat is very important to know as 99% of the comerical linux installs I've seen have been Red Hat, and you can get a free clone called CentOS.

Lastly, get yourself another machine and have a play with Windows Server 2008, again the kiddy-legions will decry this as lame as its obvious that M$ sux0r teh bigg 1!! But Server 2008 is damn good, and you would be a complete fool not to at least investigate it. One of the biggest mistakes I found when entering the world of sysadmining was that I thought linux would be more popluar. Aside from Red Hat, i've not seen linux used that often. Learn Windows!

[Xarf]

I'm in agreement with Vako on this one, I jumped into Server 2003 way before I even started looking at .nix simply because it's surprising how much of industry uses Win based services & apps on their networks.

Most corporate networks are using MS Exchange for their e-mail systems & Win VPN for remote file sharing.

To be completely honest, it's my opinion that .nix is great.. for web hosting.

@Pentesting .. I tend to read up various websites and I've watched a fair few vids on pen testing but at the end of the day unless, as Vako said you're "the best" it's not going to look good on your resume or help you get a job compared to experience or knowledge on practical topics.

again the kiddy-legions will decry this as lame as its obvious that M$ sux0r teh bigg 1!!

amagad suzz0r! rite?

[shido]

argh damnit my internet cut earlier and i sent a LONG post now im just upset and cant type it again so ill just say i second vakos post

[SmoothCriminal]

I too agree with Vako. In order to actually hack things (other than scrip kiddy shit), you have to understand the networking world before. Play around with Windows server, if you have the time/money look into CCNA/MCSA to get you started.

[sebrown]

I understand that PEN testing will do no good unless you know the ins and out's of sys like the back of your hand, my reasoning for wanting to learn the skills is like I said, im a web programmer and I already have a great career with that. If I'm able to to incorporate the Web design and sysadmin i fell I would be much more valuable to company's that do everything in house.

When we talk about OS's, where do you guys suggest I begin to put my time into R&D on both sides of the isle?

Windows Server 2003 -2008? are they similar? should i start with one, move up to the other, or stay with the current 2008?

Free BSD - Linux Redhat - Ubuntu? - As im very noobish with unix platforms, is it best to start with a GUI type hand holder like Ubuntu to start learning the ins and outs, or do I focus on learning and OS from command line script?

I know everyone has there own method of how the prefer to learn such things, im just interested in what yall would do if you were in my shoes. Then I can get a feel for each and choose whats best, I just don't want to wast time on something like Ubuntu if really its going to be useless unless i know command line anyway.

And of coarse im going to be Googling my brains out for the next week trying to piece together resources and so on, but any thing you guys can recommended (books, tuts, pod casts, forums) would be greatly appreciated.

Thanks again all!

[sebrown]

I too agree with Vako. In order to actually hack things (other than scrip kiddy shit), you have to understand the networking world before. Play around with Windows server, if you have the time/money look into CCNA/MCSA to get you started.

Good point!

Certifications are worth the time and money...

[m0u53]

just learn how things work most people say "oh im a n00b i dont know shit about this or that"

but really they should say is "oh im a n00b cuz i choose to be a n00b"

anyone can do anything as long as they try just jump on win2k8 server and just explore it mess with it break it if you have to learn everything you can take notes(mental) and just get a feel for it untill the point where you know everything there is too know...and yes ubuntu is pita distro(pain in the ass)

[VaKo]

Do the pen testing for fun, there won't be a great deal of overlap but it might make you re-examine your own web-dev work and you'll probally learn something interesting which could be used on your CV or in an interview.

Windows 2003 is the last-gen server OS from Microsoft, it comes in a variety of flavors but the only ones it worth spending time on are standard and enterprise. Server 2008 is just the latest version of this, based on the same code base as Vista. There will be less difference between 2008 and Windows 7/2008 R2, so I would recommend learning 2008 over 2003. Personally I've been really impressed with 2008, it just works.

On the *nix side of the isle as I've said you should only really concentrate on Redhat with some forays into Debian territory. A huge amount of distros are based on these 2, so learning how to use both will allow you to transition between far more distro's than starting with Ubuntu. Simply because while there might be some adjustment you will be on familiar ground. Learning Redhat (or CentOS) is a must if you actually want to earn a living with linux though. But do remember that 90% of linux distro's are pointless wastes of time unless your academically interested in them.

I would really recommend starting with something that doesn't hold your hand. A few years back when I was starting to play with *nix I would download Ubuntu, install it and be left with a system that kinda looked/felt like the the bastard child of windows and mac and only ran half-arsed bootlegs of Windows programs I already used. It wasn't until I started playing around with FreeBSD that i actually started to understand how *nix worked at the architectural level, mainly because you install it and all you have is a command line. If you want a gui you had to learn how to install one. I found this approach far more constructive because it forced me to dig around in the FreeBSD handbook (yes, FreeBSD comes with an actual manual!). I had to learn every step along the way before I could do the fancy shit. OpenBSD is another good choice, but I found that FreeBSD set the bar just right for me. OpenBSD can be a bit pedantic at times unless your main concern is security.

My personal method of learning is to jump in the deep end with a brick tied to my foot whilst clutching a reset button, if you prefer working your way in from the shallow end then my advice may not be 100% suitable.

[shido]

wow vako looking at your post,its almost exactly what i wrote, but i cant prove that coz well i stated my problem :(

as 4 sebrown dont try to rush into too many things at once id suggest you just have fun take it a day at a time. Do some pentesting as a hobby, learn a lil about server management, read a lil mcse and go write it if you want, atleast you know you'll be certified while having fun gaining knowledge, besides that mcse is not as hard as people make it out to be.

Like Vako said delve into server 2003 and i think you can get a copy of 2008 from microsoft site,its just a trial. Me being a linux fan i must say that 2008 is really impressive, its got some nice security features.

As for linux go into redhat or other server os based in nix. Id also suggest you get a copy of DVL so you can learn more about security.

Oh and dont call urslf a noob, because im sure you got more skill then alot of guys that think they leet. I mean seeing that you got knowledge of javascript/php sets you on a good foundation. Nowadays i dont use that word on myself, not because im skilled but its just that i believe the first part to not being a noob, is to stop calling yourself that, and get off your ass and try to make a move in the direction you wanna.

Have fun read articles on the net, watch videos and try out what you think would be good to learn.

Remember the choice is yours take it step by step...

Hope that helped ^_^

[shido]

Yo Vako i would have sent this message to you personaly but your inbox is full lol anyways, im thinking FreeBSD can help me gain a better understanding of Linux. But now i need to know what version should i get,should i get the latest? And im seeing this at the latest version

File:7.0-RELEASE-i386-bootonly.iso

File:7.0-RELEASE-i386-disc1.iso

File:7.0-RELEASE-i386-disc2.iso

File:7.0-RELEASE-i386-disc3.iso

File:7.0-RELEASE-i386-docs.iso

File:7.0-RELEASE-i386-livefs.iso

Should i download all three disks and leave the livefs and bootonly?or should i download vice versa? Oh and if i download just the three disks is there a way to join those iso files to make one big one so i can put it on a dvd?

[VaKo]

If you have a decent network connection I would just get the bootonly, it just downloads all the disc content from an FTP server. Then do a minimal install.

[shido]

If you have a decent network connection I would just get the bootonly, it just downloads all the disc content from an FTP server. Then do a minimal install.

Which means if i format the computer then i have to do the whole download again when reinstalling, wouldnt the three be a better option?

[VaKo]

Even if you download the full CD's and install from them, you will need to redownload the src for the kernel, userland and applications again when you run the updates. So IMO it is more practical to do a minimal network install and download the latest src when you want to install an application or update the kernel or userland.

[shido]

oh well i think ill do that, and reads some tuts to help me if i get stuck. Thanx

[Tarbizkit]

There are many other distros out there that have a dvd iso that you can download. fedora, suse are two examples(both can be download via torrent too). In my experience frebsd is not always the best distro to start out with when learning linux, primarily due to the fact that some people just get bored with it. IMO ubuntu is probably one of the best for people wanting to try out linux and learn it as well. although you can not download it from ubuntu in a single dvd iso. you should be able to create a dvd disk though from the individual cd iso's.

[psydT0ne]

Well I don't know that much and I blame that on my life being put on hold for a year while myself and my family get our lives sorted out...nuthin that bad...anyways I digress.

My point is yeah learn the ins and outs of Microsofts world...their server offerings, exchange, small business server etc.

Linux IS a lot of fun, but the majority rely on Microshaft to get them by.

I guess it really depends on what you want to do.

It can be a hard decision at times, should you be a jack of all trades and a master of none?

Do you want to use your knowledge for employment?...if so specialise in one area.

Just my 2 cents, yeah it's a bit daunting at times.

I guess my best advice?....setup a home server first...linux or windows 2003 or whatever you can errr torren...umm get your hands on. Configure it...get it running some services and then maybe do a little system enumeration with your mac or whatever else you have....maybe a little packet sniffing....etc.

It's be a start anyways :)