2014 is coming to an end. The new job is very easy, but overall I feel there is no main thread and my technical skills have not progressed much, so I am sorting out my thoughts.
I started with two months or so of learning buffer overflow exploitation techniques, accompanied by a review of assembly and learning to use OllyDbg, Immunity Debugger, IDA and other debuggers, and I bought "Software debugging" and "a collection of beetles." For exploitation techniques I read the Corelan exploit tutorials, read two related print books, "Hacker Attack Technology treasure-system combat" and "gray hat hacker", and read "The Rootkit Arsenal" on the hiding techniques of malware. But during that period I was still unclear about what to study in cyber security going forward.
Later I slowly gained a macro-level understanding: the vulnerability and debugging techniques I had studied account for only a small sector of network security, and even being proficient in them, what use is it? Without a complete knowledge framework, I learn a lot of things but cannot keep from forgetting them; this is what is meant by not building a platform on floating sand.
Here I summarize some learning directions and other issues as a memo.
Network security learning can be divided into several large modules: security basics, security products, security testing techniques and tools, process specifications, and security solutions. This is a process of learning from the bottom up. First, understand the various security technologies, then which products apply those technologies, then how products are combined into security solutions. Security testing techniques and tools cover the use of industry tools for penetration testing, vulnerability scanning, and code auditing. Each of these tools can be very complex internally, such as the data flow analysis done by Fortify, but there is no need to be proficient in how it is implemented. The study of network security is not about learning some advanced technology but about solving the security problems encountered in products. The bigger picture is very important: once the security knowledge structure is complete, you can go deep at any point in it, and n years later grow into a network security expert rather than a technical expert.
I. Security basics
1. Authentication and control (authentication, access control)
2. Cryptographic technology (encryption algorithms, integrity checks, digital signatures, PKI foundations)
3. System hardening (operating system hardening, database hardening)
4. Attack technology (DoS/DDoS, malformed message attacks, viruses/worms/Trojans, XSS, SQL injection attacks, overflow attacks ...)
5. Security protocols (HTTPS, SSH, SFTP, SSL/TLS)
6. Threat and vulnerability analysis (CVSS)
7. Security standards (...)
II. Security products
1. Authentication (AD/LDAP, two-factor authentication systems)
2. Terminal security (access control, anti-virus ...)
3. Network security (VPN, IPS, IDS, SSL VPN)
4. Security management (vulnerability scanning and management systems)
5. Application security (Internet behavior management, mail security gateway, deep packet inspection (DPI), web security gateway, antivirus gateway, data leak prevention (DLP))
III. Testing technology and tools
1. Testing technology (penetration testing, database security testing, protocol security testing, vulnerability scanning, web security testing, network attack testing, configuration audits)
2. Code audit tools (Fortify, Coverity, PCLNT, etc.)
3. Host security tools (Nessus, Nmap)
4. Protocol security tools (Xdefend, Wireshark, Nse-xstorm)
5. Business security tools (...)
IV. Process specifications
1. Design guide
2. Coding specifications
3. Test specifications (OWASP Test Guide)
4. Security procedures, regulations
V. Security solutions
Endpoint security, cloud security, data center security, mobile office security ...
The next step is to focus on security basics, the use of security tools, and the latest security events and solutions, and to form my own complete, sound knowledge system. I should research some item of the basics in considerable depth to form my own unique competitiveness, and keep up good coding ability in research and development, which is a programmer's foundation.
Year-end summary