Network security learning portal

Others 2019-12-13 16:09:02 views: null

First, network security skills requirements

1, master all kinds of network security principles and practice:

TCP/IP、VLAN/Trunk/MSTP/VRRP/802.1x、OSPF/BGP/MPLS、IPsec/SSL

2, master the use of mainstream network and security tools:

GNS3、Cisco PT、eNSP、SecureCRT、Wireshark、Solarwinds

3, master of mainstream network security equipment debugging and troubleshooting commands:

Cisco, Huawei, Wah, Rui Jie, Juniper, Fortinet, the Green League, deeply convinced, Talent ......

Router, switch, firewall, IDS / IPS, AC / AD, VPN

4, master network security architecture and design:

Enterprise networks, government networks, education network, data center network design and deployment

 

Second, the network security recommended book list:

"CCNA Study Guide" * "Wireshark network analysis and real."

"TCP / IP Detailed Volume" * "Wireshark packet analysis and practice"

"LAN Switch Security" "DDoS attack prevention and depth of analysis." 

"Cisco Firewall" "Cisco VPN Configuration Guide completely"

"Network Security Principles and Practice," "Cisco Secure Intrusion Detection System"

"Network security technology and solutions," "Computer Network Practice Guide - Based on GNS3 Network Simulator"

"Huawei firewall technology Talk", "Internet Business Security Advanced Guide"

"Cisco Network Hacking Exposed"

Third, network security tools recommended

GNS3: Cisco Security Network simulator can simulate the firewall, intrusion detection, VPN technology;

Cisco Packet Tracert: Cisco official produced fool simulator;

eNSP: Huawei official produced a network / security simulator, support USG firewall products;

SecureCRT: and Xshell, are the most common terminal login and command operations software;

Wireshark: capture the best use of the software, the world's open source network security tools top1;

Nmap: The most powerful port scanner can scan scripting engine based vulnerability scanning;

Vmware: operating system platform virtual environments, making the virtual machine used to make safety testing;

Visio: best use of mapping software, Microsoft Publisher, support a variety of network topology, flow charts;

Cain: the strongest attack under Windows LAN and decryption tool;

Ettercap: a complete cross-platform functionality LAN penetration attack tools;

Hping3: Powerful TCP / IP packet generation tools for firewall testing and security audits.

Fourth, network security learning

1, after the first network security

First through the network protocol and topology design of learning, able to build a business network / campus network, then the introduction of LAN security, firewall, intrusion detection, VPN and other security technologies, so that the whole network security gradually become up, so as to see the whole network security of the whole picture.

2, Qin Qin get caught doing experiments

Currently the major network security vendors and has a corresponding simulator was no longer requires hardware support can simulate complete the whole project on your computer. By supporting the simulator, do the experiment, familiar with the major manufacturers of command set, in order to verify that the network and security principles learned; more importantly, to get used to using WIreshark such as packet capture tool, the underlying protocols and observation analysis. For example, to study the safety of IPsec VPN, in addition to master complex command test, more should be done is to establish a VPN tunnel through the process of packet capture analysis, so you can see more underlying implementation, the memory can be even more profound.

 

web security study

1, security theory: HTTP protocol, OWASP TOP10, PETS, ISO 27001 ......

2, the back-end security: SQL injection security, file upload, Webshell, the file contains, command execution ......

3, front-end security: XSS XSS, CSRF CSRF ......

4, Penetration Testing: Kali Linux, Metasploit, Nmap, Nessue, Meterpreter ......

5, security products: Web Vulnerability Scanner (Burp / WVS / Appscan), WAF (Web Application Firewall), IDS / IPS (Web intrusion prevention), host protection ......

6, more than one programming language

7, Windows / Linux and other server operations and security reinforcement;

8, MYSQL, Oracle and other database operations and security hardening:

9, Web framework and the development of independent Web site

 

Recommended reading list

"White hat talking about Web security"

"Web safe depth analysis"

"Metaspolit penetration testing devil training camp"

Guess you like

Origin www.cnblogs.com/haohang/p/12035531.html
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com