Who's freshman year is not confused? How to get started with network security?

Hi everyone, this is Jay Chou.

It's the end of the year recently, and I have to be busy with a lot of things at work. I haven't chatted with you for a long time.

Recently, many classmates, especially freshman freshmen, are asking me similar questions:

The things to learn about network security are so complicated, I can’t find the direction, I

classmates are studying xxx, am I going to learn it?

has limited energy. What programming language should I learn? I'm afraid of choosing wrong

Recently, I got off work relatively early, and I plan to write an article to help you solve your doubts.

To be honest, it is normal for everyone to have these doubts. Whose freshman year is not confused? I have also been confused.

During the freshman year, I joined the school’s information security association and started learning about network security.

Asked a teacher to talk about Trojan horse technology, so everyone swarmed to study Trojan horse programming.

We also invited security teams from other universities to conduct technical exchanges, so everyone swarmed to learn about network penetration.

The seniors who were already working were also invited to do vulnerability analysis and reverse engineering, so everyone went to learn assembly language in a swarm.

Just say, are you confused?

Looking back, I actually missed a lot of effort and took a lot of detours.

How to get started?

Freshman students mainly lay the foundation. The three most important computer courses are:

1. Computer network

2. Operating system

3. Principles of Computer Composition

These three courses are the cornerstones of computers. Whether it is a student who wants to develop in the future or a student who wants to be a network security student, laying the foundation well will be a great help to further study in the future.

Like many students who studied cybersecurity halfway through their careers, they lacked this piece of content when they came into contact with a lot of knowledge about offense and defense and vulnerabilities. And if you lay these foundations well when you are in school at the beginning, and then contact the offensive and defensive confrontation techniques in cybersecurity, you will be more confident. You will understand these techniques from the appearance to the internal principles, and you will learn more solidly.

For students who like to engage in website attack and defense, server intrusion and protection, the most important thing is to study computer networks. It takes great effort to learn the network level, local area network technology, network protocol, especially DNS and HTTP. Capture packets by yourself to observe the real data packets in the network, and conduct comparative study with the network protocols mentioned in the book to understand how computer networks work.

After learning computer network, then learn simple Web front-end and back-end development technology, understand common front-end and back-end development frameworks, what is Ajax, what is cross-domain, and think about how the website is developed by yourself, and then learn the official introduction to Web security With the foundation of front-end and back-end development and understanding of the working mechanism of the web, it is possible to better understand the principles of offensive and defensive methods in web security.

For students who like to engage in reverse engineering, software vulnerabilities, and cracking, focus on learning the operating system and C/C++ programming language. With these foundations, you will know how the software is developed, and you can understand it when you encounter related problems in the future. Be more thorough, and then learn reverse engineering, assembly language, and debugging techniques to get started step by step.

To sum up, security, to put it bluntly, is the subject of studying operating systems, software, websites, servers, and network protocols. You can't just start from one aspect and learn security directly. We have to cut in from another aspect to know how they were developed, what framework language they used, and what their operating mechanism was. Only by taking both sides into consideration can we learn safety well.

In addition, it should be noted that network penetration and binary security are two different directions. Both directions have their own emphasis. It is best to think carefully about where you are interested. Do you prefer to think about reverse analysis of program code or engage in website server attack and defense? . There is a good way out in both directions, mainly combining their own interests. Don’t be anxious and follow the trend when you see what others are learning. Learn this today and that tomorrow, and fail to learn the last two well.

Choice of programming language

Next, let's talk about the choice of programming language again.

The choice of programming language for the network security staff can be considered from the following aspects:

1. Use it to develop network security tools and learn Python decisively

For network security, I often write tools, crawlers, exploits, and the like. Therefore, it is very necessary to master a programming language and do some simple development. In this case, learn Python decisively.

Python is easy to use, powerful, and has a short learning cycle. It can be used in as little as a week if someone takes it.

2. Learn binary security, learn C and C++ decisively

Binary security research often requires decompilation, reverse analysis, debugging and analysis of program files, and most of these program files are written in languages such as C and C++. If you don’t understand the basic characteristics of these languages, it’s difficult to go well. Study their safety mechanisms.

Binary security research is a direction closely related to the operating system platform, so it is necessary to earnestly learn the knowledge of the operating system. And through learning C, C++ and other low-level languages, it is also very helpful to learn the operating system.

3. Learn Web security, network penetration, learn Java, PHP, Python

Network penetration, especially the direction of web security, in fact, the object of your research is to learn the security capabilities of these web servers and exploit their vulnerabilities. So of course, we must choose the most widely used programming language on the Internet and website servers.

At the moment, Java is the dominant player in this field. In addition, there are many small and medium-sized companies that use PHP and Python in the backend.

For example, the log4j vulnerability that has been normalizing these days, if you don’t know anything about the Java language, then this vulnerability may only be fun.

Next time, maybe a vulnerability in the Python Flask framework will be exposed. If you don't know Python Web development, you will have this embarrassment.

Here comes the question: do I have to learn so many back-end languages?

In fact, although there are many web back-end languages and frameworks, they all have similarities. To put it bluntly, it is an HTTP dynamic response program. It is easy to learn one to learn the other.

Moreover, as far as the security direction is concerned, paying attention to extensive research does not make you need to study in depth like a back-end development programmer. Every technology stack should know about it. One day a certain language framework vulnerabilities can be found by yourself. The direction to study and know how to repair security reinforcement.

In addition, I have here a zero-based entry network security learning roadmap

Students in need can click the portal self-collect

[Road map for beginners to advanced learning]

Okay, I’m going to write here today. If you have any questions, you can leave a message in the comment area to let me know.