Cyber Plumber's Handbook Thoughts + letting people know you appreciate their work
A few years ago, as a student, I picked up the Cyber Plumber's Handbook. I saw a tweet about it, and learned that it was free for students. I used my WGU email account and signed up to receive a copy.
A few minutes later, I was swiping through a PDF copy of the book and trying to understand some of the concepts. I was still pretty early in my career (still am.) and up to this point, my experience with SSH had been setting up a Raspberry Pi at home that I could SSH into and hop around on my machines at home. I felt like such a boss doing this. I set up accounts for a few trusted friends, an internal IRC and configured it for key-based authentication rather than passwords. I also set up Fail2Ban and thought I was legendary for that. Still, I'd never taken a deeper dive into SSH, because I thought that was as deep as it went.
The book is essentially a lab guide to SSH tunneling and port forwarding that's great practice for pivoting through networks and understanding the basics of port redirection. It later goes deeper into some other concepts like throwing exploits through one tunnel while catching a shell with another.
I really found it cool to set up a lab where I can compromise a web server and bounce off of it to attack a machine deeper in the network by setting up a tunnel or SOCKS proxy through it.
The author, Brennon Thomas also released some labs with an accompanying guide, so readers can go through the learning experience without setting up their own lab. That's available here.
Letting people know you appreciate their work
Shortly after starting the labs (a bit simplified because of my limited setup at the time), I reached out to Brennon and noticed that he was in the same town, San Antonio. I was new to the place, and thought that was pretty cool. I shot him a message on Twitter saying thanks for making the book free to students and letting him know I was enjoying working my way through it. He replied and thanked me for reading and we kept in touch.
Around this time, I was finally able to invest in a home lab, and I'd wanted to put something together for a while. I picked up a desktop at a local computer store and customized it a bit, then I put together a virtual lab with Proxmox. No reason other than it was free, and easy to install.
As time went on, I'd show Brennon some of my lab stuff, and how I was starting to experiment with SSH tunnels. After I finished up my degree at WGU, he asked me what I planned to do. I was working at the time, and was okay with where I was, but I also liked the idea of working Monday through Friday and having regular holidays.
I applied for a job at Rackspace Technology (at the time just called Rackspace) and eventually got a call back. After some interviews, I found myself on the team. I learn everyday, and it's amazing.
There's something I should say about that. It's not as if I reached out looking for a job. I was just thanking a dude for his hard work on a book and giving him kudos. We chatted a bit here and there, and over time I built a solid connection. When people tell you to network, that's what they mean. It's not about just trying to reach out to someone for the sake of landing a job somewhere. It was more about making friends with common interests and later finding an excellent work opportunity by doing so.
Either way, check out the book and the labs. They will up your skills.