From the beginning to learn this profession began two years have passed, although the technology is not ye, but still a bit their own ideas on the profession.
Now, in order to help the school out what game, or to write tutorials, help is on the one hand behind the school brother who QuickStart, on the other hand some of their knowledge of the next record, so these things are also based on the information security of the game written.
OK, do not say much, just start.
According to related content and game title match to go their own learning curve, really is to give priority to explain what things to learn these things, then the order is implemented progressively, as their learning progress on their own schedule.
The first part: the entry-level
A: System
1.windows
windows this stuff will be honest with you, and now are basically with win10, and some may still use win7, win8 sandwiching the estimate of people with nothing. . . But this is not the point, then obviously we will use the system, why should mention here that the reason Well ,,, game needs. . . (Feeling that a bunch of nonsense)
Usually we are using some of the basic operation of the windows, many things are possible even with the mouse to complete (yes, that is the legendary "CRUD"), remote game terminal used more, and the system version of the terminal and internal environment is not included in published before the release of the title race this time, in view of this uncertainty, consider using a pure command line interface is the most secure, it is necessary to skillfully use the command prompt.
Of course, although the command prompt basically can solve all problems, but the system version is a very important thing, for now, the system may occur when the game is mainly the old system, such as 2003server this. . . (Well, in fact, I think Tucao, almost 0202 years, still use things a decade ago). So the question becomes, now that some people have never seen xp, 2003 server system estimates have not seen ,, after all, even if there is a company with such a server system, but also began to learn never went to class, since the match is going to appear this thing, it would still have to learn. . .
2.linux
"Ah, what the hell!" It is estimated that the first impression of the new computer science. . But look at all the blog, should not have linux is not know what, even if I do not know, sorry, for the game, do not know they have to know.
The linux Well on the one hand to learn the basic commands of what ah, that white is the basic operation is similar to learning windows, on the other hand is the system, the system is open source, then ,, ,, ,,, what extent does the open source road race here to learn including kali, ubantu, centos three of the more common system kali ,,, which is the most important, information security Well, how should collect information Well, gather information necessary to scan ah what, kali there are a lot of things, for many, slowly sweep, and sweep can not just hold a tool, perhaps with customary tools in the game when it was emasculated, like a bow and arrow than usual have been trained on the battlefield do not bow to you, to you crossbow, although all can shoot, but usually not used but also the scene of college, and his teammates are not, find their own way and take time to explore not necessarily get out of this situation do the authors also ask the enemy? Oh yeah, the game when no phone is not outside the network, Baidu? nonexistent.
II: Network
First explain here that the network is the most basic network infrastructure, including the transmission of data, ah, ah encoding, protocol ah ,,,,,, these things are basically very basic theoretical knowledge, not necessarily very proficient, but be sure to understand, because the level of understanding of these theories determine the depth of the case on the court at the same level operation to solve the problem, mentioned above, the game Baidu Han, do not even think, so when problems arise wisdom game the importance of network-based manifested, simply give chestnut: D ,, first time out of the game a little nervous when the device is not connected, the device needs to put together yourself, but also your own network cable do, then how crystal head line sequence row, how the device with ip address, remote firewall ports to connect switches how then, how even the tools, which are involved in network infrastructure, because at that time ip address with the wrong lead before the half-hour familiar with the environment time is being wasted, and now looking back I think is ** not **.
In addition, the network is also in this area, then configure the switch, router, firewall based on these basic stuff, so the network is very important, usually you do not see, surprised by the time.
Part II: Class started
A: System Services
Most people see this estimate will be forced to look ignorant. . "This is hell, just not a system Well !!"
Sorry, this title, focus on service, the system is only incidental. . . Why do you say ,,, because priority to understand the specific content of services, and then to compare the difference between them according to the system. The services mentioned here, mainly to serve on a server provided by the client, such as DHCP, DNS, WEB, etc., in view of the current game, not much content within the network penetration, the key is WEB penetration. WEB, it is mainly to understand including but not limited to the role of directories and files, databases, websites, these types of things.
II: exchange of routing and security device configuration
Finally time to say there can be practical operation of the contents of the game to score points in the too hard. . .
1. exchange routing
Reason, this can actually be divided inside the network, but Well, configured to exchange routing may exist out in a simulated environment and real environment, and secondly, then, depending on the equipment of the game, the configuration may be different, so this will need to pure reality device manually resolve, and solve these problems on the basis of the content network.
2. The security device
This is some very special things, network-based, but is an important part of the network inside the other extracted, its main role is to protect the network security devices including firewalls words, the behavior of these logs. . . To sum up, then ,, exchange routing configuration in order to be able to communicate, and safety equipment is to ensure the security of network communications on the basis of energy.
Three : Programming
This start programming? Yes, that's right, do not doubt, but this is not a very high-end programming, after all, this is the level of difficulty to get started, it will not start in three minutes as black soul as a boss to persuade you to come play a refund.
Content only need to learn some programming python, to understand some of the basic variables, functions, classes, modules and basic syntax on the line, the game lets you fill in something from inside the program, instead of writing something, which is like cloze, missing Han Han fill, you can find a regular, rather than writing ,,, but some people seem to be writing seemingly simple point. . .
Show you:
a = 1
x = input("x=")
if x == str(1):
print("x=a")
if x != str(1):
print("x=b")
The above is the original Code
a = 1
x = input("x=")
if x == str(1):
print("x=a")
if FLAG != str(1):
print("x=b")
This is the code of the title race, he will ask you to submit the value of FLAG makes files can be run properly (because some code can run, but run half will get an error, normal operation is not being given), this time as just need x FLAG have submitted points, so in fact, does not require high programming skills, but this is just an example child, please be specific fill in what the content according to the script, of course, he's also possible to import the module name as FLAG, this will slightly mind about the whole thing.
Part III: Strengthening level
A: Reverse
This I do not want to say what he learned compilation, completion to learn C, it might in the process by the way the buffer overflow figured it out.
II: infiltration
Just system service which was about a little something about WEB penetration, but penetration if not just WEB, network penetration is also very important thing, the network penetration involved, including network, exchange routing firewall, program these things, more integrated, but why it more difficult, mainly because it is difficult to find direct test environment, and the existing environment and individual ownership of the technology gap is large, simply put, to find all kinds of information learned penetration, but can not find to the point of penetration, I managed to find one, but they do not penetrate into it this case, for those who have the environment I really envy.
Three: CFT
Capture the Flag, detection technology and strengthen thinking skills, information security, and it matches a slight resemblance, but much harder to CTF can play as an exercise program to enhance the nature.
Part IV: Supplement
In this part, it says something to note
According to the game content, system hardening may occur, environmental reinforcement (reinforced what the website), then that is the extent of knowledge of this problem, the game title out after also can find some way related to the reinforcement according to the title match.
Content square before the game not to give the whole letter, it is best not to have a sense of luck, such as "this thing should have" consider the best, "If this thing is not how to do."
Spot a variety of problems may occur, it is most probably Murphy in trouble, many ways to solve problems, think calmly always there, of course, to solve and to what extent depends on the skill level and experience, and perhaps the original when friends get out of some Internet operations will be a wonderful wonders in the field.
Competition for the examination paper and the corresponding answer is not necessarily, sorry, although I said flag is above that, but it is the following one.
The said almost these, the latter will gradually release some of the specific technical content herein, this so: D
By:MelonNys