Two years ago I started being interested in hacking. Now I'm getting a job with a great consulting company in the field of penetration testing.
First, you probably have a fair amount of windows operating system knowledge. If you want to learn and expand your horizons fastest, learn a linux. As another posted linked to backtrack, I agree that this is my (and many others') favorite linux based penetration and security testing (hacking) operating system.
It is a customized linux operating system pre-loaded with hundreds of useful tools. I started learning on this.
Now that you're running linux, get familiar using the command line. This is CRUCIAL. Learn the underlying way networks communicate, TCP/IP and how wireless networks work; you'll see how insecure most really are.
In backtrack, I would first learn how to set up networking (see their tutorials on their amazing forums) then look into the aircrack-ng tools. You'll be cracking your WEP encrypted wireless network by the end of the day. Look at the youtube videos on aircrack WEP as well.
It's so ridiculously easy to do, I have to keep reminding myself to reset my router to whatever security I'm trying to break instead of taking the smaller amount of time to simply run the attack on any of my neighbors.
Next learn about SSL and certificates and then learn how to make your own (this is important as I will show later.
Why am I saying so much about learning and research? Because you want to know the inadvertent repercussions of any attack you may run. Some things that seem innocuous as a scan, could be so network intensive that they bog down everything on the network until the scan finishes.
On that note, learn about nmap. This is an incredibly useful tool, but use it judiciously, as it can flood the network if you tell it to do too much (by default it doens't, though).
Next look into using Ettercap and sslstrip to steal your own banking password.
I was lazy and didn't remake the default ssl certificate in backtrack and I believe that because of this Bank of America told me that they were giving me a new credit card number at the end of the month, and were monitoring my account for a possible breach of security. I used a commonly used hacking os (backtrack) to connect to my banking account while running this attack, so that probably set off flags which caused my account change.
After that, check out metasploit and you'll be neck deep into penetration testing and quite an accomplished beginner, hopefully hungry for even more!
But definitely learn linux through backtrack.
http://www.backtrack-linux.org/downloads/
Go to that link, download the iso, google isoburner, download one of those programs (I like the first one, ActiveISO) and then burn the iso the a CD using the tool you just downloaded.
Then all you need to do to get started is put the cd in, shut down your computer, and reboot using the cd. You don't even need to install anything, but it is helpful if you do eventually, and makes things a lot faster.
If you have any questions feel free to email me. This is really a passion of mine and I hope you enjoy it as much as I have. joesmoe4297@gmail.com
There are a million other useful tools as well, eg., netcat, ping, ssh....Just start learnign about one and keep feeding your thirst for knowledge.