I disagree with almost all the other answers… for good reasons.
You are an IT student and you want to get into IT security? The way to become a security expert, is by knowing your system. Also you need to be on a reasonable level in terms of development.
So regarding other answers, NO to…
- Debian, because it’s behind on development and has poor hardware support. It’s unnecessary tedious
- RHEL, because it’s an enterprise level server operating system. Meaning, it’s only interesting if you want to become an enterprise level sys admin
- Kali, because it’s a beginners choice and you are going to run into tons of trouble. It’s a shiny object and a kiddy-toy
- Gentoo, because it’s way to deep and for system deveopers, not for security experts. It just costs you tons of time. Especially in the beginning.
- Ubuntu, because it keeps you from the learning experience and the progress you need
- Knoppix, because it’s an imposter that is little of use
- Fedora, because it isn’t even a desktop operating system. It’s a testing environment for Red Hat developers. It’s unnecessary tedious and too far in terms of development
But a few have mentioned it…
The suggestion is actually to start with Arch Linux. Had I known enough about it, I would have skipped the Ubuntu experience right away. Arch is doable for people without prior experience and with a bit of genuine interest, it should be doable for an IT student.
Why Arch?
Because it gives you not only a stable system, but actually the learning experience. It has a great Wiki and manuals. It requires you to learn about the inner workings of Linux and according system. It doesn’t hide the truth behind a clicky-thingy. You do it manually in plain sight. Arch has taught me more in one year, than other distros in more than 10 years. And it was certainly not as hard as most people would think or depict it. IT security is not for the fainthearted. You need to make a lot of progress fast.
Furthermore, Arch is a just in the right spot in terms of development. It’s not as far ahead as Fedora and not as far behind as Debian. Also, Arch is very versatile and highly reliable. And Arch is a very vanilla distro. Meaning, what works for Arch, works for many other distros (that use systemd) too. Meaning, if you start with Arch, you can go wherever you want from there. I still maintain a few Ubuntu setups, I use Arch on like 10 Raspberries around the clock, I’ve installed it on a bay trail device with 32 bit boot loader and 64 bit kernel, I’ve moved full dual boot setups, including activation, settings, data, everything… even from bigger to smaller hard drive, I’ve recently added a Rasbian/Debian web server with a mailing system to my stuff… I run a number of other headless servers, I use Kodi on Arch Linux as media player… all based on the knowledge that Arch gave me!
Arch Linux teaches you the inner workings of the system, without going to deep and wasting your time. It might not go deep enough (right away), but it certainly doesn’t keep you from it and it’s certainly a great starting point to get a good understanding of various involved topics and basics like Linux, operating systems, system management, networking, servers,… you name it.
And as if that was not enough, for IT security I would suggest, you look into BlackArch. You don’t even need to use BlackArch itself. You can import the tools on Arch directly. As I said, from Arch you can go wherever you want. So, if after that you still think you need toys for average users like Ubuntu or Kali, you are wrong in the IT field.
Arch is exactly where you wanna be as an IT student. It gives you a solid system, a great learning experience and a great starting point.
==========================================
If this answer was helpful for you, please don’t forget to upvote it on Quora.