As a person who has been learning network security for 3 years, I have completely experienced the basics from 0 (the university major is a design major) to enjoying the benefits of learning network security. When others are still struggling to find information on the Internet, Just type the code directly, and the data will be done naturally; grabbing tickets and grabbing things is one step faster, it’s really not too cool!
Of course, in addition to these daily benefits, money is the most important thing, and the salary has also doubled from the previous 4K+ to 8k+.
If you don’t learn such an easy skill, get up quickly. In fact, you can get started quickly with 0 basics, and it’s not as difficult as you imagined.
Self-learning network security is easy to get confused after learning. Find the source of the problem and solve it. So first, let’s talk about what misunderstandings usually occur when learning the direction of network security. There will be surprises later.
1. The misunderstanding of network security learning
1. Don’t try to learn cybersecurity based on programming
Don't start learning network security based on programming. Generally speaking, learning programming not only has a long learning cycle, but also transitions to network security and uses programming. There are not many key points of programming used. If ordinary people want to learn programming well and start learning network security, it often takes a long time, and it is easy to give up halfway. It is suggested that in the process of learning network security, what can not be filled, which is more purposeful and less time-consuming. Learning programming can determine how far you can go on the road of network security, so it is recommended that you learn some basic programming knowledge by yourself
2. Don’t start with deep learning about cybersecurity
Learning pays attention to this method. It needs to be done step by step, from shallow to deep, and gradually increase the difficulty. Many people learn vigorously at the beginning, and it is easy to get tired later. The more they learn, the more boring they may be. It's easy to give up.
3. Collect Appropriate Study Materials
There are many online security learning materials online. And many friends have "collection addiction". They collect a lot of books and dozens of videos at once. They feel that the more learning materials the better, but the learning materials on the Internet are extremely repetitive. It is recommended to choose learning materials that are accessible to the general public.
4. Appropriate class registration
Many people think that enrolling in classes is a waste of money, and that self-study is good, but in fact, self-study also requires a certain talent and understanding, and the self-study cycle is longer, some impatient customers or customers who are eager to find a job, still sign up for classes It is relatively easy to learn, the learning period is not long, and there will be a lot of things to learn. It is recommended that learners choose whether to enroll in the class according to their own conditions.
2. Some preparations for learning network security
1. Hardware selection
Learning network security does not require a computer with high configuration. The computer used by hackers is never selected according to high configuration, as long as it is stable. Because of some programs used by hackers, low-end CPUs can also run very well, and they don't take up much memory. The hacking is carried out under the DOS command, and the computer can be used in the best condition.
2. Software selection
Many people will be entangled in learning hackers whether to use Linux, Windows or Mac system. The Linux system is not friendly to newbies. The Windows system can also use a virtual machine to install a target machine for learning. Of course, the system is selected according to the learner's own feelings.
As for programming languages , Python, PHP, C++, and Java are all available. Learning programming is just a tool, not an end. Our goal is not to become a programmer , but to become a network security officer. Programming is just to understand the program.
3. Foreign language ability
Computers were first born at the University of Pennsylvania . Many nouns or codes are in English. It takes a week to translate a vulnerability into Chinese. During this time, the loopholes may be patched. If you don't understand some professional terms, you will also have obstacles when communicating with other hackers, so you need a certain amount of English and understand some professional terms.
3. Network security learning route
Phase 1: Getting Started with Basic Operations
The first step to getting started is to learn some current mainstream security tool courses and supporting books on basic principles. Generally speaking, this process takes about 1 month.
While studying basic introductory courses, read relevant books to supplement theoretical knowledge at the same time . Here are some recommended books:
"White Hats Talk about Web Security"
"Deep Analysis of Web Security"
Practical Guide to Web Security Attack and Defense Penetration Testing
Phase Two: Learning the Basics
At this stage, you already have a basic understanding of cybersecurity. If you study the first step carefully, you already understand what is sql injection and what is xss attack , and you have mastered the basic operations of security tools such as burp and cs. The most important thing at this time is to start laying the foundation! The so-called "foundation" is actually a systematic study of basic computer knowledge.
The third stage: actual combat operation
1. Mining SRC
The purpose of digging SRC is mainly to put the skills into practice. The biggest illusion in learning network security is to feel that you know everything, but when it comes to digging the loopholes, you can’t do anything. More is to carry out practical operations and apply theoretical knowledge. To practice, to ensure a better grasp of knowledge points.
2. Learn from technology sharing posts Watch and study all the posts excavated in the past ten years, and then build an environment to reproduce loopholes, think and learn the author's digging thinking , and cultivate your own penetrating thinking.
at last
After sorting out your own knowledge framework and knowing how to learn, the next step is to fill the framework with content
For example, Zhihu, or station B , there are many people sharing their learning materials, but I think a big problem here is that they are incoherent and imperfect, and they are confused after learning. Here is a collection of zero-based introductory materials such as network security. If you need it, you can give it a thumbs up.
For students who have never been exposed to network security, we have prepared a detailed learning and growth roadmap for you. It can be said that it is the most scientific and systematic learning route, and it is no problem for everyone to follow this general direction.
