* Source: https://blog.egsec.cn/archives/402
EDITORIAL:
The film article is written for community learning network security classmates a little how-to articles, we all know, our school and there is no network security of this profession, all the learning we will be completely on self-study, community safety team is to establish a network whatever for everyone to provide the best resources to help you. The film content of the article is just my personal opinion, not comprehensive, and I was a trainee CTF just getting started, everything is self-learning, is not comprehensive, there is no systematic study had, on their own need to find more resources. I wish you intend to engage in business network security students Come on! Theory is boring, but all need to practice theory to support!
For just set foot in the security sector students, without a teacher led case study on how full of confusion network security, network security is a comprehensive discipline relates to the field is very broad, often refers to network hardware, software, and data their systems are protected against accidental or malicious reasons of which suffered damage, alteration, disclosure, reliable operation continuously normal, the network service is not interrupted. Network security includes network security equipment, network information security, network security software. Broadly speaking, all related to the network confidentiality, integrity, availability, authenticity and controllability of relevant technical information and theory are network security research field. Network security is a comprehensive discipline involves a variety of disciplines of computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory, etc.
So much content, just getting started for a white, it just started scratching their heads, so I listed my learning according to their study, work and experience, hope to help more school brother school sister.
0x00 basic computer knowledge:
First learning network security, to understand and master the basic knowledge of computers, commonly used software. - This is by far the most basic things.
Need to learn the basic use of software or technology there are: Word, VMware, VPN, Visual Studio, FireFox and plug-ins, an editor, learn how to capture, compile and run the program, use Baidu Google query data, etc., to master the use of search engines, equivalent to master all the resources on the network, with pick.
0x01 C language basis:
Learning the basics of the C language, regardless of whether the programming direction, I think there need to understand some of the C language, can write simple C code. We need to think big you can not use God as an operating system written in C, what we want is programming ideas, it is to perform logic and thought process.
Here, I recommend introductory books are: Hemopurification "C Programming" book to wash a bit messy, a little basic needs of people watching, "C and pointer", if never find out about C, it is recommended to a treasure buy Tsinghua University Publishing House of C language point of view, to write more comprehensive. Or go to the school library to borrow an easy to learn C is also available. C language is a big mountain for the early entry of students, but once turned over the mountain, will be the front Yimapingchuan. If you want in-depth study of C language, "C and pointer" This book will be your best choice.
0x02 web security infrastructure:
You need to understand a variety of common web application vulnerabilities (know what it is, how to form): SQL injection, XSS, CSRF, upload vulnerability, parsing vulnerability, any file that contains the vulnerability, clickjacking, weak passwords, cookie deception, will use some common intrusion detection tools and aids, and the invasion of some lower factor of safety web applications. To be able to determine the type of a hash of the password, can identify some common web fingerprints, search on the Internet can target relevant information to understand a word and Trojans will use and so on.
Learn surrounding knowledge about web security, often to see some technology forum or blog Great God, his best has set up a blog to record and share their understanding of the knowledge points. But you can also learn to share with others.
0x03 common Windows commands:
Elected to do penetration testing of students, in particular, need to learn some commonly used windows command (using the best side edge of simulation exercise), especially intrusion detection is frequently used commands, such as net user, net localgroup, net use, net share, net start, arp, whoami, regedit, tasklist, find, cp, mkdir, del, dir, print ......, I will write later in a number of related commands in Windows will blog for your reference, but you can also go to search search engine, do not wearies, network security is to wash hands in order to acquire more knowledge. To be able to write some of your own batch scripts to complete repetitive tasks. Script this thing, will always accompany you on your way network security.
0x04 data structure:
There go the direction of the development of the students, it is necessary to learn, students in the other direction can be properly informed.
After learning the C language to a certain stage, you can begin to understand the data structure and C language complement each other, we can say that in the latter part of the C language learning, good for our C language knowledge were consolidated. When the study is completed after the data structures can write some of ACM's title race, and I saw some people in the community also participated in the ACM Programming Team.
0x05 Windows Programming:
After studying the data structure is completed, I think it is a watershed of. Do penetration direction will not have to continue deep
into the Windows programming, we can continue to accumulate experience in network security, but development and reverse the students need to learn a programming windows.
Windows programming is nothing more than read MSDN, familiar with the usage of each windowsAPI, usually try to think of good ideas can be written as a program, to increase their amount of code accumulation.
windows programming is a process of accumulation, need to get to know each API, so the learning curve was not nervous.
0x06 web security accumulation period:
In fact, the accumulation is a long process, so I do not sub-period. Who are able to park in as blog, csdn, watching the snow, like the Security Section of the security community and we can discuss more attention to the latest technology, vulnerabilities, usually pay attention to gathering the causes of each vulnerability, using the method of repair methods, and try looking for opportunities online combat. During this time you can also learn a scripting language, when mastered a handy scripting language can be faster and more convenient to do a lot of targeted attacks.
0x07 assembly language
Assembler is a basic course for the future of the reverse break, vulnerability discovery, Trojan free to kill study had a direct impact, while studying windows programming can begin to learn assembly. Learn about the 16-bit assembly language, know the basic grammar, focus on 32-bit compilation of learning. Learning assembly language program can be combined with C to write their own, their written program debugging, step through each one in assembly language, do not know to check.
0x08 reverse break
After learning basic grammar compilation is complete, you can begin to learn to selectively reverse, crack-related operations. In the process of learning can reverse the assembly instructions before learning to use familiar recommended books: "Encryption and decryption"
0x09 a scripting language
Do penetration testing is particularly important for the direction of the students, for the students to do the development can also learn a scripting language.
I recommend python or php, python can learn quickly develop some targeted scripts, and learn php can try digging web vulnerabilities. But also to grasp the regular expression.
0x10 Linux use
Penetration students learn during this time can be divided into two paths, one web security, and second, network penetration. emphasis on web security web application vulnerability discovery and exploit, analyze emphasis on network environment within the network penetration, network computer exploits. Internal network computer belongs to the most important Linux, so learn to use Linux-based Linux build all kinds of services, maintenance, repair exploits is a must. Recommended books: "Bird Brother Linux private kitchens" a very good book.
0x11 Trojan free to kill
After completion of reverse learning, it can be divided into several small direction: deep crack, exploit, Trojan free to kill. After the Trojans to make their own writing, you need most is free to kill. If you write a virus, Trojan horse can not run, will not help. Free to kill success is luck, experience, inspiration, technique, patience aggregate, are indispensable. So although many people try to learn, but in the end can really be perfect, not many people recommended books: "Hackers attack and defense to avoid killing."
Binary 0x12 Exploit Vulnerabilities
After completion of reverse learning, it can be divided into several small direction: deep crack, exploit, Trojan free to kill. Exploit the technical requirements which high returns are the most lucrative, so many large cattle gathering place. Learning exp need to have a solid foundation for C, C ++, and there is one pair of eye problems found. It may just be a software crash or error message in the eyes of others, in the eyes of exper can be endless wealth.
0x13 network environment using the server with win
After Linux based learning to a certain extent, you can begin learning network, how to use a variety of services within the internal network computer is turned on, to achieve the purpose of penetration into the target machine. Of course, but also learn to use Windows servers, to understand what is a domain, how to use the various services in the windows environment. Because the next big network of personal computers in general, the target machine is windows system.
0x14 Windows core programming
In Windows programming can learn to a certain extent after the start of core programming, in fact, not much difference between the two, but more emphasis on some of the core programming mechanisms windows kernel. When your technology is not limited to the future development of desktop applications, Trojan horses, viruses, these systems closer to the bottom of things not only meet the requirements. This book is for the development of future students do not must-see: "Windows core programming", "Arabian Nights", "trees and fishing alone."
These are the summary of the process of learning, as a reference.
The following is a mind map to learn about network security I find online.
For 11, with the back of the original image Download
● Network Security Introduction
● scanning and defense technology
● network monitoring and defense technology
● password cracking and defense technology
● spoofing attack and defense technologies
● Denial of Service Supply and defense technology
● buffer overflow attack and defense technology
● Web Attacks and defense technology
● Trojan attack and defense technology
● computer viruses
● network security and future development
View link: https://blog.egsec.cn/archives/402
Accessories: Mind Map Download
At last:
Learning Network security also need to learn network security law, to know what can and what can not be done, a law brink of discipline, and we all have to learn to hold their own bottom line. Do not apt to attack invading someone else's computer!