Network security system tutorial + learning route (self-study notes)

1. What is Network Security

Network security can be classified from the perspectives of attack and defense. The "red team" and "penetration testing" we often hear about are the study of attack techniques, while the "blue team", "security operations" and "security operations and maintenance" are the study of defense techniques.

Whatever the field (network, web, mobile, desktop, cloud and so on), there are two sides: attack and defense. For example, web security covers both web penetration and web defense technology (WAF). A qualified network security engineer should be capable in both offense and defense. After all, you can win every battle if you know yourself and the enemy.

2. How to plan network security

If you are a newcomer in the security industry, I suggest that you start with network security or web security/penetration testing.

It is worth mentioning that to learn network security, you learn the network first and then the security; to learn web security, you likewise learn the web first and then the security.

Security does not exist independently; it is an upper-layer applied technology built on other technologies. Cut off from that foundation, it easily becomes theory on paper, a matter of "knowing what it is, not knowing why it is", and it is difficult to go far on a security career path.

  • If you previously worked in network operations and maintenance, you can get started in the direction of network security;
  • If you previously worked in software development, it is recommended to choose web security/penetration testing as the entry direction.

Of course, once you have learned to a certain level or gained some work experience, the different directions become more and more technically coupled, and you need to know a little about each of them.

As the table of network security skills above shows, network security requires exposure to many technologies.

Common skills to learn:

  • Peripheral management capabilities
  • Phishing and remote-control capability
  • Domain penetration
  • Traffic analysis capabilities
  • Vulnerability mining capability
  • Code auditing capabilities, etc.

3. There is a lot to learn in network security; how do you arrange it scientifically and reasonably?

1. Basic stage

  • Cybersecurity Law of the People's Republic of China (including 18 knowledge points)
  • Linux operating system (including 16 knowledge points)
  • Computer network (including 12 knowledge points)
  • Shell (including 14 knowledge points)
  • HTML/CSS (including 44 knowledge points)
  • JavaScript (including 41 knowledge points)
  • Introduction to PHP (including 12 knowledge points)
  • MySQL database (including 30 knowledge points)
  • Python (including 18 knowledge points)

The first step to getting started is to systematically learn basic computer knowledge, that is, the following basic modules: operating system, protocol/network, database, development language, and the principles of common vulnerabilities.

Once this basic knowledge is learned, it is time to practice.

Because of the spread of the Internet and informatization, websites expose more services externally, and the skill of programmers and the configurations made by operations staff are uneven, so there is more content to master.

2. Penetration stage

  • Penetration and defense of SQL injection (including 36 knowledge points)
  • XSS related penetration and defense (including 12 knowledge points)
  • Upload verification penetration and defense (including 16 knowledge points)
  • File inclusion penetration and defense (including 12 knowledge points)
  • CSRF penetration and defense (including 7 knowledge points)
  • SSRF penetration and defense (including 6 knowledge points)
  • XXE penetration and defense (including 5 knowledge points)
  • Remote code execution penetration and defense (including 7 knowledge points)

Master the principles, usage and defense of common vulnerabilities. In the web penetration stage, you still need to master some necessary tools.

The main tools and platforms to master: Burp, AWVS, AppScan, Nessus, sqlmap, nmap, Shodan, FOFA, proxy tools ssrs, hydra, medusa, airspoof, etc. You can practice these tools on the open-source practice ranges (deliberately vulnerable lab environments) mentioned above, which is enough.

3. Security management (advancement)

  • Penetration report writing (including 21 knowledge points)
  • Level Protection 2.0 (including 50 knowledge points)
  • Emergency response (including 5 knowledge points)
  • Code audit (including 8 knowledge points)
  • Risk assessment (including 11 knowledge points)
  • Security inspection (including 12 knowledge points)
  • Data Security (including 25 knowledge points)

It mainly includes writing penetration reports, grading for network security level protection, emergency response, code audit, risk assessment, security inspection, data security, compilation of laws and regulations, etc.

This stage is mainly for those who already work in network security and need to move up to management positions.

If you are only studying for engineering positions, this stage is optional.

4. Advancement stage (advancement)

  • Cryptography (including 34 knowledge points)
  • Introduction to JavaSE (including 92 knowledge points)
  • C language (including 140 knowledge points)
  • C++ language (including 181 knowledge points)
  • Windows reverse engineering (including 46 knowledge points)
  • CTF Capture the Flag (including 36 knowledge points)
  • Android reverse engineering (including 40 knowledge points)

It mainly includes cryptography, JavaSE, C language, C++, Windows reverse engineering, CTF capture the flag, Android reverse engineering, etc.

This stage is mainly aimed at people who already work in network security and need further knowledge to move toward advanced security architecture.

If you really want to get started with web security through self-study, then I suggest you take a look at the following learning roadmap, which covers how long to spend on each knowledge point and how to learn it. The total self-study time is about half a year, and it has worked for me personally (there is a surprise at the end of the article):

1. Concepts related to web security (2 weeks)

  • Become familiar with the basic concepts (SQL injection, upload, XSS, CSRF, one-line web shell, etc.).
  • Search Google/SecWiki for the keywords (SQL injection, upload, XSS, CSRF, one-line web shell, etc.);
  • Read "Mastering Script Hackers"; although it is very old and contains errors, it is still good enough to get started;
  • Read some penetration notes or watch videos to understand the whole process of a real penetration test; you can Google (penetration notes, penetration process, intrusion process, etc.);

2. Become familiar with penetration-related tools (3 weeks)

  • Become familiar with AWVS, sqlmap, Burp, Nessus, chopper, nmap, AppScan and other related tools.
  • To understand the purpose and usage scenarios of such tools, first search Google/SecWiki for the software name;
  • Download backdoor-free versions of this software and install them;
  • Learn and use them; specific teaching materials can be found on SecWiki, for example: Burp tutorial, sqlmap;
  • Once you have learned this commonly used software, you can install Sonic Start to build a penetration toolbox;

3. Hands-on penetration practice (5 weeks)

  • Master all stages of penetration and be able to independently penetrate small sites.
  • Look for penetration videos on the Internet and think about the ideas and principles behind them; keywords (penetration, SQL injection videos, file upload intrusion, database backup, dedecms exploits, etc.);
  • Find a site/build a test environment for testing by yourself, remember to hide yourself;
  • Think about which stages penetration is mainly divided into and what work needs to be done in each stage, for example: PTES penetration testing execution standard;
  • Study the types of SQL injection, injection principles, and manual injection techniques;
  • Study the principles of file upload: truncation, double-extension deception (IIS, PHP), exploitation of parsing vulnerabilities (IIS, Nginx, Apache), etc.; refer to: upload attack framework;
  • Study how XSS arises and its types; the specific learning method can be Google/SecWiki, and you can refer to: XSS;
  • Study the methods and specific use of Windows/Linux privilege escalation; you can refer to: privilege escalation;
  • You can refer to: Open Source Penetration Testing Vulnerable Systems;

4. Follow developments in the security community (1 week)

  • Pay attention to the latest vulnerabilities, security incidents and technical articles in the security community.
  • Browse daily security technology articles/events through SecWiki;
  • Follow practitioners in the security community on Weibo/Twitter (when you come across accounts that experts or your friends follow, follow them without hesitation), and take time to check every day;
  • Subscribe to domestic and foreign security technology blogs through Feedly/Xianguo (do not limit yourself to domestic ones, and keep accumulating); if you don't have a feed list, you can look at the aggregation column of SecWiki;
  • Cultivate the habit of actively submitting links to security technical articles to SecWiki every day, for accumulation;
  • Pay more attention to the latest vulnerability lists; a few recommendations: exploit-db, CVE Chinese library, Wooyun, etc., and practice when you encounter public vulnerabilities.
  • Follow the topics or videos of domestic and international security conferences; SecWiki-Conference is recommended.

5. Become familiar with Windows/Kali Linux (3 weeks)

  • Learn Windows/Kali Linux basic commands and common tools;
  • Become familiar with common cmd commands under Windows, such as: ipconfig, nslookup, tracert, net, tasklist, taskkill, etc.;
  • Become familiar with common commands under Linux, such as: ifconfig, ls, cp, mv, vi, wget, service, sudo, etc.;
  • Become familiar with common tools under Kali Linux; you can refer to SecWiki, "Web Penetration Testing with Kali Linux", "Hacking with Kali", etc.;
  • Become familiar with the Metasploit tool; you can refer to SecWiki, "Metasploit Penetration Testing Guide".

6. Server security configuration (3 weeks)

  • Learn server environment configuration, and be able to find security problems in a configuration by reasoning about it.
  • IIS configuration under Windows 2003/2008: pay special attention to configuration security and running permissions; you can refer to: SecWiki-configuration;
  • Security configuration of LAMP under Linux: mainly consider running permissions, cross-directory access, folder permissions, etc.; you can refer to: SecWiki-Configuration;
  • Harden remote access to the system: restrict username/password login, and restrict ports through iptables;
  • Configure a software WAF to strengthen system security, for example mod_security and similar systems on the server; see SecWiki-ModSecurity;
  • Use Nessus to run security checks against the configured environment and discover unknown security threats.
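
As an added example (not part of the original notes), here is one way to check a server for the two hardening items above, password login and open ports. The function names `audit_sshd` and `audit_iptables` and both sample configurations are constructed for illustration; the parser covers only the global section of `sshd_config`, not `Match` blocks.

```python
import re

# Constructed sample inputs (not from a real host): an sshd_config excerpt and
# an excerpt of `iptables-save` output, both with weak settings left in on purpose.
SSHD_CONFIG = """\
PermitRootLogin yes
#PasswordAuthentication no
"""
IPTABLES_SAVE = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT
"""
# OpenSSH built-in defaults, which apply when a keyword is absent or commented out.
SSHD_DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}

def audit_sshd(text):
    """Return findings about password login and root login."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            # sshd keeps the first value it reads for each keyword
            seen.setdefault(parts[0].lower(), parts[1].strip().lower())
    effective = {**SSHD_DEFAULTS, **seen}
    findings = []
    if effective["passwordauthentication"] != "no":
        findings.append("password login is enabled")
    if effective["permitrootlogin"] == "yes":
        findings.append("root login is fully permitted")
    return findings

def audit_iptables(text, allowed_ports):
    """Flag a permissive INPUT policy and unexpected ports accepted from any source."""
    findings = []
    if re.search(r"^:INPUT ACCEPT\b", text, re.M):
        findings.append("INPUT default policy is ACCEPT")
    for m in re.finditer(r"^-A INPUT .*--dport (\d+)\b.* -j ACCEPT$", text, re.M):
        if int(m.group(1)) not in allowed_ports and " -s " not in m.group(0):
            findings.append(f"port {m.group(1)} accepted from any source")
    return findings
```

On a real host the inputs would come from `/etc/ssh/sshd_config` and the output of `iptables-save`; the commented-out `PasswordAuthentication no` line is the common mistake this catches, because the default of `yes` still applies.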

7. Script programming learning (4 weeks)

  • Choose one of the scripting languages Perl/Python/PHP/Go/Java and learn to program with its commonly used libraries.
  • Build a development environment and choose an IDE. For PHP, Wamp and XAMPP are recommended. For the IDE, Sublime is strongly recommended. Some Sublime tips: SecWiki-Sublime;
  • Python programming: the content includes syntax, regular expressions, files, network, multi-threading and other common libraries; "Python Core Programming" is recommended, and there is no need to read it all the way through;
  • Write the exploit of the vulnerability in Python, and then write a simple web crawler, see SecWiki-crawler, video;
  • Learn basic PHP syntax and write a simple blog system, see "PHP and MySQL Programming (4th Edition)", video;
  • Become familiar with the MVC architecture, and try to learn a PHP framework or Python framework (optional);
  • Understand Bootstrap layout or CSS; you can refer to: SecWiki-Bootstrap;

8. Source code audit and vulnerability analysis (3 weeks)

  • Be able to independently analyze script source code and find security problems.
  • Become familiar with the dynamic and static methods of source code audit, and know how to analyze a program, see SecWiki-Audit;
  • Find vulnerabilities in open source programs on Wooyun and try to analyze them yourself;
  • Understand the causes of web vulnerabilities, and then search for and analyze them through keywords, see SecWiki-Code Auditing, Advanced PHP Application Vulnerability Auditing Technology;
  • Study how web vulnerabilities arise and how to avoid them at the source code level, and organize the results into a checklist.

9. Security system design and development (5 weeks)

  • Be able to build your own security system and put forward security suggestions or a system architecture.
  • Develop some practical security gadgets and open-source them to demonstrate your ability;
  • Establish your own security system and have your own understanding and opinions on company security;
  • Propose or join the architecture or development of large security systems;
  • Watch yourself develop~

Finally

After sorting out your own knowledge framework and knowing how to learn, the next step is to fill the framework with content.

At this point we also have many choices, such as CSDN, Zhihu, and Bilibili. Many people share their learning materials there, but I think a big problem is that the material is incoherent and incomplete. The tutorials that are shared for free are scattered here and there.

If you really want to learn by yourself, I can share with you the tutorials that I have organized and collected. They cover not only web security but also penetration testing and other content, including e-books, interview questions, PDF documents, videos, and related courseware and notes, all of which I have already studied. You can leave a message in the comment area to tell me.

My advice to friends is to think clearly: there is no shortcut to self-studying network security. In comparison, studying network security systematically is the most cost-effective way, because it can save you a lot of time and energy.

My advice to self-taught friends is to persevere. Now that you have set out on this road, although the way ahead seems difficult, as long as you grit your teeth and persevere, you will eventually get the result you want.

Origin blog.csdn.net/jazzz98/article/details/131207280