I just recieved direct conversion to CTN. I have to attend the BDNA school but not the CTN "A" school and im due for orders pretty soon. Any input from CTNs on places they have been and what they thought of them.....thanks

Go to http://www.wireshark.org/ now and download/install Wireshark/WinPcap. Get to know your packets, get to know them very, very intimately. It would be nice if you know how to pick apart IP and TCP/UDP headers in a raw hex dump.

Study up on ARP, RIP, and BGP.

Be able to explain how this post gets sent from the application layer (your browser) and encapsulated for transport at the data layer to the military.com host, and then how the encapsulation layers(IP/TCP) get stripped off and passed to the application layer at the destination (the database backend for this forum).

Go to www.dnsstuff.com and learn how to use and understand every tool on there.

Try to learn some Perl, C, and maybe some PHP also. At least enough to pick apart the code. If you can learn how to do network socket programming that would be better.

Learn what server side exploits are (i.e. the animated cursor exploit that M$ just patched today).

Start working on your Network+ and Security+ certifications.

Go to http://www.vte.cert.org/, set-up an account, and work your way through as many of their CBTs as you can before BDNA.

Learn Linux - go to a thrift store and buy an old box and load Slackware or BackTrack on it (not that noob Ubuntu ****). Learn how to grep/awk/sed/etc.

Start building a personal library if you haven't already. I sink about $50 to $75 a month into books right now; everything from Javascript to protocol analysis.

You might want to consider building a personal lab - take that Linux box from above and figure out how to share files between it and your Windows box. Get an old Cisco router off of Ebay and put it between your cable modem and your regular Internet box. Then start playing with the ACLs (you might want to learn how to configure ACLs before exposing it directly to the internet...bad things happen to routers, and the networks behind them, with poorly written ACLs).

Start sniffing around here and get a feel for computer security. Try to soak up as much as you can.

Once you get a handle on all of that you might do ok as a CTN...it should get your through BDNA at least.

Seriously though, it would be good to have a solid handle on networking before BDNA, preferably at the Network+ level. All of the above will help you get a lot more out of BDNA (and will make you a better CTN), but prob aren't necessary. You will cover a lot of the above material in BDNA, but it will be at a break-neck pace with little chance to actually apply any of it.

As far as duty stations - I've heard lots of bad things about Pensacola. Lot of people have bad things to say about Ft Meade also. Everyone seems to be trying for the billets in Hawaii. Lot of wierd DIRSUP type billets being stood-up on both coasts that people are avoiding since they may actually have to go to sea or the sandbox (in-theatre forensics of blood-spattered hard-drives anyone?) - you might get shoehorned into one.

Welcome to the meat grinder...

Good luck,
CTN1 Mario D.

This message has been edited. Last edited by: DIRSUP_KORLING,

This interests me. I am currently a new IT in the NAVY with a good deal of prior networking/IT/security experience in the civilian world.

Do you know what the manning levels are for the CTN rate, and do they get a lot of sea duty (on a ship) billets?

We have very little in the way of PCS orders to a ship, but do have a number of billets where you go TAD to ships for various amounts of time (from two weeks to an entire deployment). We also have SPECWAR billets.

I can't give you an exact answer on manning levels. Our billet pool is expanding practically everyday as various commands learn about our capabilities and put in billet requests. I can tell you that we have a major shortage of junior CTNs (especially E-4 and below). Personally, I'm projecting a manning shortage at higher levels when the first batch of CTN convertees hit their EAOS later this year; a lot of them didn't realize what they were getting into and, frankly, aren't cut out for it.

Good luck with the conversion - word I've been getting lately is that the IT ECM/TECHAD is denying all conversions to CTN out-of-hand. I suggest you give him/her (or maybe your detailer) a call or email to see what is up.

Dirsup - my CTN conversion was just approved. Is the information you previously posted for navysailor128 the same advice you would give me now - as far as what to start studying? I probably have about a year before I'll get a seat in 'A' School to get a jump start. I would like to take as much advantage of that time as possible. Any help is greatly appreciated. By the way - is there any information on an SRB for CTN out there?

Wired,

Yes, start studying now. You should be spending some time every day either hitting the books or surfing security sites like http://www.incidents.org/ or http://www.milw0rm.com/ (plus doing/researching whatever I posted above). There is no possible way for the Navy to teach you everything you need to know about this job - you have to motivate yourself to study/research on your own.
Remember, Google and Wikipedia are your friends.

No SRB yet, but hopefully we will see one by the end of this year or early next year. The first wave of CTN convertees are hitting their EAOSs and the percentage of them that get out is what will drive SRB.

Are you a CTN now? Where are you stationed? You need to ask about the Microsoft training voucher program if you think your chain will give you some time off for school.

-CTN1 Mario D.

quote:

Originally posted by wiredblackice21:
Is the information you previously posted for navysailor128 the same advice you would give me now - as far as what to start studying?

You can print out the CTN Bib at https://www.advancement.cnet.navy.mil/bibs/list.asp

Then, goto Amazon and purchase all the books. I just did and all but one cost 99 cents + $3.99 for shipping. I was really supprised....

Most of them are out of date. The Navy refused to update the BIBs to the newer additions because so much money had been expended on buying the older one for all the commands that had CTNs. Hopefully they will update them for the March '08 cycle....

DIRSUP - I had couple more questions for you. I am looking more towards the Reserve so that I can finish my degree and get some money to finish it with. My question is in the Reserve would I have a decent shot at any "C" Schools or would that be more of an Active side of the house deal? Also, would it be hard to jump to the Active side from the Reserves as a CTN? Thanks as always for all the help!

Mr_Luko,

I really don't have enough experience with the reserve component to give you a good answer. Best advice I can give is to repost these questions in the reserve forums.

Peace,
CTN1 Mario D., CISSP (like that?...just got certified)

Uh-oh CISSP? Your going to go far with that man congrats!!!

quote:

Peace,
CTN1 Mario D., CISSP (like that?...just got certified)

...Thus is the reason why I would like to convert to CTN myself. To get CISSP I need 5 years exp. to begin with and as far as Info/Net Security, I have 0 experience. However, from the research I have done this far I know I will enjoy the challenge. I am almost 3 years in as an IT working FDNF in Japan and I want to cross-rate to CTN. I wouldn't mind staying in the Navy for another enlistment to gain experience in Network Security.

I want to become a CTN, get CISSP certified, then major in Science.

Thank you DIRSUP_KORLING for the head start on what to study. I copy/pasted that for later and favorited all those links. Any other advice for an IT3 looking to cross-rate?

I'm currently considering a conversion to CTN but also have a few questions. I looked at what CTN1 said and man wireshark is a lot easier to follow then some of the other stuff. Just showed me that my desktop in the corner still has netbios running (that lil bastard). It looks like a great program to start off with atleast. I have a few other tools i have found, and its all helping out.

I'm doing the vte classes (automatically signed up for Security+ and CISSP), and im roaring through it. I'm halfway done with S+, but is that enough info to go for the actual Cert? Same question applies to the CISSP one.. I emailed the "instructor" asking for additional references or the location of a workbook or... something. vte assigned me a due date for the s+ of oct 10th, and cissp for nov 10th. Damn, if i did both in the next month, ya think i could pick up both certs? (im expecting a loud no).

Lemme step back a sec, the CTNCM i work with stated I should have the S+ before putting in a package. My question is if it is necessary to do before putting in a package. I'm 5 classes away from an associates in CS (don't laugh, the plan was always for a BS, but I don't have enough time prior to EAOS/package submission). I could get the ASCS, but it wouldnt be for atleast 6 months...

options are a>package now no ascs or s+, b> package in 45 days w/ s+,(b1> 3 months cissp?), c> package in 6 months ascs, s+ (cissp?). Actually 6months is way too close to prd. im 12 out right now.

And as for the code question goes... I took cs classes at UT before dropping out, and they teach more theory there than anything, assembly at HPU was pretty uneducating.

*Bump* I know, lot of information. Just thought I would get some input on how to persue this. Regardless, I'm still workin on Security+ but should have it done soon.

This is the only place online that I have found an active conversation regarding this new rate. I figure its been two weeks so might as well bump it....

Oh BTW, anyone see CTN on the latest SRB list? 3.0 for zone A (but i dont qualify in zone B).

Sorry, I have been a bit busy lately. The chain decided to make me department LPO and at the same time operations NCOIC for my shop. Plus I'm teaching a night class now at a local community college...

Try to knock out Network+ and Security+ before you put in your conversion package, but don't hold it up for certs. Your current rank/rate has a lot more to do with the conversion than current quals/certs/education. The quals/certs/education help though if you are a border line case (i.e. CREO 2 to CREO 2).

The sooner you submit the package the better. You don't want to put yourself in the position of getting slammed for orders if your conversion is denied.

Good luck,
CTN1 Mario D.

*bump* Muaahaha. Yah just wanna keep this topic going. Why? Because there is *no one* talkin about this rate anywhere. I'm still waiting on my SCI to get cleared, and my record isn't perfect. But.. if they are spending *two years* to get it done, hopefully it will go through. I heard from an OPM guy that they dont even do polygraphs anymore because people get to nervous about them.... or something like that. I know i would be.

And i think ARP is pointless. I dont get it. Why do we need ARP on a lan? it just opens another avenue for something to go wrong or be hijacked with arp poisoning. Thats my big question for security+... speaking of, i've been slacking, i'm still in the middle of Domain 3 on vte. Maybe I'll do that at work today.

I hope i can get orders to NIOC Texas... I dont wanna be stuck at Kunia. Hawaii sucks. My kids keep asking to go on vacation and we have to tell them no cos it costs too much to leave. Oh and for anyone reading this, NIOC Kunia is moving to NCTAMS! Yay. And they're tearing down our housing over here to make townhomes and leaving the "historic" homes (aka crap) for renovation. Stupid NIOC.

CTN1 put out a lot of good information. I agree that this conversation should continue as there is very little information regarding the CTN rate available. I've asked numerous other CT's about the CTN rate and none of them have a clue.

I, too, will be taking the CTN route via the Reserves in the next few months. After 6 years as an ET and constantly tinkering with the "IT's" network, they told me I should just cross-rate and become one of them. I found out about the CTN rate through the Link magazine a few months ago.

The Reserve recruiter has explained to me that in order to cross-rate I will need to complete the CTN "books", which he said take between 2-3 months for most people and be cleared for SCI. Could someone explain what BDNA is and if it applies to the Reserve side of the house? The recruiter stated I will not need the CTN 'A' school.

As for C schools, I was told that as a Reservist I'm still eligible and all it would take is a request on my part. I was also warned that by completing the requested C school, the Navy has a better chance of recalling me to use that specific skill set somewhere (i.e. sandbox).

CTN1, congratulations on the CISSP, what's the next step in your career path? Do you have any advice for someone about to test for their CISSP?

ET2

For those of you looking into the Security+ cert don't worry about it too much it isn't a hard test by any means. I had an almost perfect score on it. As for CISSP, you can test for it without having five years of experience. You get the cert and are considered an Associate until you have the five years of experience. CISSP is tough (I've talked to people with it and those studying for it), but it is worth it. I heard they will be requiring people to take security courses every year instead of every three years. Good luck everyone and any info you can supply on CTN's in the Reserves will be awesome!

Heya CTN1 D...Remember that e-mail chain we had a ways back concerning the kind of opportunities I wanted to pursue? Well I'm heading out to the sandbox in about 3 weeks to do exactly what we discussed...as a civilian. Go figure.

So I'm a SELRES and a CTN. I think that I'd be qualified to handle the Reserve side of the house re: CTN questions.

It seems the primary question here is 'How do I become a CTN in the reserves', yea?

As far as opportunity goes, it's definately there. The CTN rating is wide open in the E4-E6 range. In this last advancement cycle (081), no one took the CTN3 Exam, I was the only one who took the CTN2 exam and 4 of 5 were advanced to CTN1, so CREO ratings and opportunity at the lower levels is a non-issue. One of the big issues with getting in has been getting by the Reservist CTN Community Manager from what I've heard. He has been a bit strict with who has been allowed to convert in - with good reason. The reason for this is that a lot of the people who initially came into the CTN rating during the selection boards didn't have exactly the right skill set to be CTNs based on the required job skills & knowledge and so now they're being picky.

In terms of the skills and knowledge required to do CTN work, CTN1 Mario put up pretty much everything you will need, so there's no point for me to add to that.

In terms of training and other qualifications and certifications, I think that the Security+ is definately one of the first things you should concentrate, as it will meet DoD 8570.1 compliance (even though that's not at all our realm) and it will demonstrate that you have at least a fundamental grasp of computer security knowledge. After that, I would *HIGHLY* recommend going for your CCNA next. As far as civilian certifications go, I think you'd be fine converting with just those two. If you have your CISSP or Associate of ISC(2), then you'll be pretty much guaranteed a conversion spot, but I wouldn't worry about passing that exam just yet.

In addition to those civilian certifications, there are 3 other things I would recommend you get started on, training-wise, to include in your conversion package:

1) A degree (or actively pursuing one) in Info. Sec., Computer Science or other IT-related.

2) Various training courses available on Navy eLearning - specifically, check out the CTN Community page on NKO for a list of courses which are available and recommended. There are courses on TCP/IP, the Security+ exam and on various things Cisco. All good to take for retirement points and to show your commitment towards continuing education.

3) Carnegie Mellon's CERT/SEI VTE is an EXCELLENT traning course and is also *HIGHLY* recommended. It normally costs money, but it's free for service members and they do have a training course which teaches security concepts to prepare you for both the Security+ exam as well as the CISSP exam. There's also a very excellent course on computer forensics.

Regarding CTN "C" school opportunities - they are definately there as well. "C" school (BDNA) is highly recommended for reservists and as long as there is funding available and you can make the time and score a seat in the class, you'll be going. As ET2 pointed out though, getting that NEC after attending "C" school will absolutely incrase your chances of a recall. For more information regarding BDNA, check out the CTN/USNR page on NKO.


I think that's a good enough start for now. If anyone has any specific questions, feel free to shoot me an e-mail. And if you can't find my e-mail address, then don't even think about converting to CTN just yet.


CTN2 Caplan

This message has been edited. Last edited by: jeffcaplan,

I'm currently persuing a network management degree at DeVry and I'm studying for my CCNA, would CTN be on the same track or should I be looking at a different rating.