foreword
Network security is not difficult, getting started with network security is even easier! Don't be fooled by its mysterious coat.
As long as you listen to my explanation carefully, although there is no guarantee that you will become a master, no matter how poor your learning ability is, you can still reach the entry level.
Into the title
01. Simple understanding of network security
To put it bluntly, network security means that the data in the network system is protected from being destroyed. And our security engineers engaged in network information security work, of course, the main job is to design programs to maintain network security.
Network security engineer is a general term that also includes many positions, such as security product engineer, security analyst, data recovery engineer, network architecture engineer, network integration engineer, security programming engineer and so on.
All work content includes security assessment, risk assessment, security service, firewall, intrusion detection, cloud protection, system attack and defense, code audit, etc.
Of course, these positions have nothing to do with you at this stage, I just want to let you know that the industry of network security is also a great place. What you have to do now is to learn the basic knowledge well, and one day in the future, maybe you will be able to get in touch.
02. Network Security Introduction Learning Route
In fact, there are not many things to learn for getting started with network security, that is, network foundation + operating system + middleware + database. The four processes are almost the same.
1. Network Security Law and Understanding Computer Basics
Including the basics of operating system Windows and Linux, the basics of markup language HTML and code JS, as well as the use of network foundations, database foundations and virtual machines.
Don't look at a lot of things, in fact, they are all very simple basic knowledge, and you can master them after reading them. Students majoring in computer science should be familiar with it and can skip it. Don’t panic if you haven’t studied it before, you can read some more literature or go to station B to watch related videos, or watch the following one.
Click to receive the CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" for free sharing.
After learning http and https to capture packets, you can understand what it is saying.
2. Network foundation and programming language
3. Start with Web Security
The web is open to the outside world, so it has naturally become the key target of hackers. If there is nothing to do, they will come to invade. Do you think it will work no matter what!
If we want to learn web security well, we must first understand how the web is built, and only by knowing its structure can we strike accurately. So you need to know a little bit about the web front-end and web back-end knowledge, and then learn some python, at least you have to understand some codes.
Finally, you need to know more about website development knowledge, but don't be nervous, just learn the basics.
After you have finished learning these in a few weeks, you are basically qualified as an entry-level penetration engineer. See the key points of my target!
Students can come to consult me if they have any difficulties in the learning process. Only by answering your doubts, I will not be confused in the daily coding life. Your consultation can make me rejuvenate, come and save me!
To formally enter the field of web security, you must learn web penetration, OWASP TOP 10 and other common web vulnerability principles and utilization methods need to be mastered, such as SQL injection/XSS cross-site scripting attack/Webshell Trojan horse writing/command execution, etc.
This process is not boring. Wouldn’t it be beautiful to grow while killing monsters and leveling up? Every attack method can make you play with joy, and there are always more wretched methods waiting for you to practice.
After learning about web penetration, you have to master related system-level vulnerabilities, such as ms17-010 Eternal Blue and other Microsoft MS vulnerabilities, so you need to study and then infiltrate. Everyone may not know what to say here, but it doesn't matter, you will find it very simple after you learn web penetration.
In fact, after learning these steps, you will be officially promoted from a novice Xiaobai to an entry-level student. It is really not difficult, and you can do it yourself.
4. Security system
This roadmap has been detailed to what content to learn every week and to what extent. It can be said that the web security roadmap I compiled is very friendly to newcomers. In addition, I also compiled corresponding If you need it, I can also share some of it (the confidential part cannot be shared). If you need it, you can click on the CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" to share for free
03. Epilogue
However, we can only be regarded as penetration test engineers at this level, and we can only do basic security services. There are still many businesses in this field, such as offensive and defensive drills, security assessments, risk assessments, etc. Our capabilities are not enough.
Therefore, if you want to become a qualified network engineer and get an offer from a security company, you need to master more network security knowledge and improve your ability to a higher level. Even if you enter an enterprise in the future, you still need to learn a lot of new knowledge. If you don't enrich your skills, you will be eliminated.
From the perspective of the development of the times, the knowledge of network security is endless, and there will be more to learn in the future. Students must correct their attitudes. Since they choose to get started in network security, it is not just the level of entry, the stronger the ability The more opportunities there are.