How does a beginner get started with network security?

Foreword

Since I have written many stories and articles about network security technology, many readers know that I work in network security, so people often ask me:

I'm just getting started with network security, what should I learn? What to learn? What are the directions? How to choose?

Unlike Java, C/C++ and other back-end development positions, which have a very clear learning route, network security has to be explored largely on your own, and there is so much to learn that it is hard to form a coherent system.

Friends who read my articles regularly know that they basically focus on technical content told through stories, and rarely talk about the workplace or interviews. The main reason is that everyone is under a lot of pressure and the pace is fast; the official account is meant to be a place to relax, so I try to write light content. However, as more and more people ask me the questions above, I am writing a dedicated article today to talk them through.

In recent years, as network security has been listed as part of the national security strategy, this niche field has developed much faster. In addition to the traditional security vendors, some major Internet companies have also increased their investment in this area, which in turn has attracted more and more fresh blood.

Branches of Network Security

In fact, above the concept of network security there is a bigger concept: information security. This article does not discuss the academic difference between the two; unless otherwise noted, they are treated as one concept here. Let's take a look at the subdivisions in terms of actual work directions.

Among the technical jobs in this field, there are mainly three directions:

  • Security R&D

  • Security research: binary direction

  • Security research: network penetration direction

Let's explain them one by one.

Security R&D

There are two main categories of R&D positions in the security industry:

  • R&D positions that have little to do with the security business

  • R&D positions closely related to security business

You can think of network security as an industry, just like e-commerce, education and the rest. Every industry has its own software research and development, and network security is no exception. The difference is that R&D in this industry develops software related to the network security business.

That being the case, the jobs common to other industries also exist in the security industry, such as front-end, back-end and big data analysis; these belong to the first category above and have little to do with the security business itself. Here we focus on the second category, R&D positions closely related to the security business.

This category can be further divided into two subtypes:

  • Security product development, i.e. building defenses

  • Security tool development, i.e. building offensive tooling

The products developed by the security industry mainly (but not exclusively) include the following:

  • Firewall, IDS, IPS

  • WAF (Web Application Firewall)

  • Database gateway

  • NTA (Network Traffic Analysis)

  • SIEM (security event analysis center, situational awareness)

  • Big Data Security Analysis

  • EDR (security software on endpoint devices)

  • DLP (Data Leakage Prevention)

  • Antivirus software

  • Security Detection Sandbox

To sum up, most security R&D products are used to detect and defend against attacks, covering both the endpoint side (PCs, mobile phones, network devices, etc.) and the network side.

The technology stacks used to develop these products are mainly C/C++, Java and Python, with a small amount of Go (Golang) and Rust.

Compared with the other two directions, security R&D positions have lower requirements for network security skills (only relatively; the R&D of some products has high requirements for security skills), and I have even seen many R&D engineers who know nothing about security. Given this, if you understand network security technology in addition to having basic development skills, it will naturally be a bonus when you interview for these positions.

For security R&D positions, in addition to general development skills, you can focus on the following technologies:

The list above covers only the most directly relevant part; to build products well you need to know more security technologies, so keep reading.

Binary security

The binary security direction is one of the two major technical research directions in the security field.

This direction mainly involves software vulnerability mining, reverse engineering, virus and Trojan analysis, and so on, and touches on operating system kernel analysis, debugging and anti-debugging, anti-virus and other technologies. Because the work so often deals with binary data, "binary security" has over time become the collective name for this direction.

The defining characteristic of this direction is that you need to be able to endure loneliness.

Unlike security R&D, it has no tangible product output, and it is not as flashy as network penetration. Most of the time in this direction is spent in quiet analysis and research.

Take vulnerability mining as an example: just learning the various attack techniques takes a great deal of time. In this field it may take months or even years to study a single problem, which is definitely not something ordinary people can persist at. Not only that, success depends not only on hard work but even more on talent.

People like the heads of Tencent's major security labs, such as the well-known TK and Wu Shi, have grasped the deeper principles of vulnerability mining and mastered this craft; they can come up with new tricks in their dreams. But geniuses like this are rare and beyond the reach of most people.

If programming is a hard grind, then binary security research is the hard grind Plus.

If you still have the courage to enter this field after reading all this, then here is what you need to learn:

Compared with security R&D, this direction is not only more technically difficult, but few companies offer these positions, and they are concentrated in a few first-tier cities: Beijing, Shanghai, Guangzhou and Shenzhen.

Network penetration

This direction matches most people's perception of "hackers": they can hack mobile phones, computers, websites, servers and intranets; everything can be hacked.

Compared with binary security, this direction is easier to get started in. After mastering some basic techniques, you can attack with various ready-made tools.

However, if you want to go from script kiddie to master hacker, the further you go in this direction, the more you need to learn and master:

Network penetration leans toward "practical combat", so it demands technical breadth: network hardware devices, network communication protocols, network services (web, email, files, databases, etc.), operating systems, attack methods and so on all need to be understood. I prefer to think of it as being an all-round computer expert who can combine various technologies for "actual combat".

Work in the network penetration direction falls into the following areas:

  • Security services, commonly known as Party B (the vendor side): the most important direction, providing security capability support to Party A companies, such as penetration testing and product security testing.

  • Security capability building, commonly known as Party A (the client side): domestic companies of even modest size have their own SRC (Security Emergency Response Center), that is, their own security team.

  • National team: you know.

Learning route

Having covered the three main technical directions, let's talk about how to get started. Here is my view.

First of all, don't try to pick a direction yet; lay the foundation first!

Step 1: Computer basics

This first step actually has little to do with network security; it is the basic ability that anyone entering the IT field must master. The following five core courses are the most valuable things our university teachers taught us, whatever technical direction you take, and they still have not gone out of date:

  • Computer networks

  • Principles of computer organization

  • Operating systems

  • Algorithms and data structures

  • Databases

In fact, each of these courses is a universe of its own and cannot be mastered in a single pass; as your career progresses, each technical stage brings a new understanding of them.

For the actual learning, I recommend borrowing from agile development and iterating continuously: rough understanding -> deeper understanding -> thorough grasp -> revisit the old to learn the new. Don't insist on finishing all of one course before moving on to the next.

Step 2: Programming ability

With some of the above basics in place, it is time to start writing code and honing your programming skills.

The following three languages are the ones that security practitioners would do best to master:

  • Shell script

Master the commonly used Linux commands and be able to write simple shell scripts to handle simple tasks.

  • C language (C++ optional)

C has no complicated features. It is the ancestor of modern programming languages and is suited to writing low-level software, and it also helps you understand computer fundamentals such as memory, algorithms and operating systems. It is recommended.

  • Python

C helps you understand the low level; Python helps you quickly write functional software for networking, crawlers, data processing, image processing and so on. It is a language that programmers, and hackers in particular, love and have to learn.

Step 3: First taste of security

With the foundation from the previous two steps, it's time to get in touch with some network security technologies. At this stage, don't box yourself in and only learn technologies in one direction. My suggestion at this stage is: read widely, without going deep into any one thing.

Get some exposure to network protocol attacks, web service attacks, browser security, vulnerability exploitation, reverse engineering and cracking, tool development and so on; learn what each is about, discover your own interests along the way, and build a preliminary understanding of the technologies across the various fields of network security.

Step 4: Choose a direction

During the third step you gradually discover where your interests lie: developing various tools, hacking websites, or host attacks...

At this point you can think about your future direction, then focus on it, keep deepening your knowledge through the technologies listed for that direction in the mind map above, and become an expert in a particular field.

Learning method

The above introduced the technical classification and the learning route; here is a word on how to learn.

  • Reading and studying; this is the most basic.

  • Hands-on practice: on the development route, write more code and read excellent open source code; on the binary route, analyze more samples and write exploits (EXP); for penetration testing, practice on more practice ranges (by legal means).

  • Play CTF: participate in network security competitions and exercise your hands-on ability in an environment close to actual combat.

  • Join the community: frequent the communities, groups and forums where security experts hang out, keep up with industry news and follow the latest technology trends.

Summary

The above are some of my personal suggestions for friends who are new to network security. Finally, one point needs explaining:

The technologies in the different directions listed above are not strictly independent. On the contrary, they often complement each other and need to be combined.

Everyone's perception is limited, and I am no exception. This article is just my own opinion. I suggest you read more people's summaries and experiences and compare them side by side.

Source: blog.csdn.net/Forget_liu/article/details/131584260