i want to know everything

[IHateKeithSmart]

[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
My question is this:

I can read and read, but I feel that on more practical subjects (specifically programming, computer protocols etc), I can explain the theory all day long, but when asked to say, write a buffer overflow, I have a lot of trouble. What is the best way to get better at the practical side of what you are studying?

[/ QUOTE ]

Get a job or real project doing it.

[/ QUOTE ]

What if that isnt feasible?

[/ QUOTE ]

I wouldn't worry about an actual job if you're interested in learning about things like buffer overflows. This is very much a self learned thing. I've been in computer security since about 98 and many of the best vuln researchers I know are self taught. It definitely takes a certain kind of personality to be great at it (patient, very analytical, creative), but I would say anyone with some C experience (and ideally some assembly knowledge) can get the general hang of it.

I would suggest grabbing some halfway popular open source applications, and peeping through the source code (I'm assuming you're familiar with the concept of buffer/stack/heap overflows, and are now interested in writing code to exploit these?). Now is a much better time to be trying to learn this stuff, as there is so much mainstream guidance out there. Always remember - gdb is your friend!