Learning Computer Security
About This Guide
This is an opinionated guide to learning about computer security (independently of a university or training program), starting with the absolute basics (suitable for someone without any exposure to or knowledge of computer security) and moving into progressively more difficult subject matter.
It seems that most people don't realize how much information is actually available on the internet. People love to share (especially geeks) and everything you need to become well versed in computer security is already available to you (and mostly for free). However, sometimes knowing where to start is the hardest part - which is the problem that this guide is intended to address. Therefore, this guide can accuratley be described as a 'guide to guides', with additional recommendations on effective learning and execises, based on my own experiences.
Many of the free resources are the best resources and this guide focuses on them. It is intended to provided a comprehensive plan for learning about computer security as inexpensively as possible. However it's not completely free. As the guide moves onto more complicated materials, more 'non-free' resources are referenced, as they become some of the best available sources of information.
The introductory & intermediate sections contain materials & recommendations that I considered to be fundamental knowledge for any computer security discipline. They are oritiented towards more 'practical' knowledge and hands-on learning than the latter sections, which delve more deeply into the necessary theory (but are also accompanied by recommendations how to get practical experience).
One of the things I realized while writing this was that by the time someone got to the advanced & expert sections, this guide will be of little use as they'll know enough about computer security to know what they need to study on their own. Those sections are intended more of us a 'look-ahead' for a novices, to give them some exposure of what they're getting themselves into.
Some intresting articles on getting started in computer security:
- How to Break Into Security
- What I Wish I Knew Before Studying Computer Security in College
- The Security Mindset
- Hacker's Manifesto
Learning computer security is a huge endevour. There is lots of research on 'optimal learning' techniques.
- Teaching Smart People How to Learn
- The lesson you never got taught in school: How to learn!
- Learning How to Learn: Powerful mental tools to help you master tough subjects
- How to Use Google Search More Effectively
Because there are so many materials to study, I recommend taking advantage of your 'dead-time.' With some basic tools, you can study at the doctor's office, while waiting in the car, on breaks at work, etc.
The basic requirement is a reading device. A used kindle can be picked up off craigslists for as little as 25
If you can, get a device and preload it with the books and videos referenced below. Keep it with you at all times and get accustomed to studying whenever an opportunity presents itself.
If you find that you have lots of 'dead-time', then a good addition to your 'portable training kit' would be a small-form-factor notebook running linux. These can be had for as little as 50$ off craigslist. A slightly more expensive option (but with much better hardware) would be to get a new chromebook & install linux on it.
Hands-on experience is the cornerstone of learning computer security. This can come in many forms. This guide provides the several recomendations as effective ways to gain this experience:
- The introductory section focuses on getting familiar with virtual machines and windows-alternative operating systems to accomplish this task.
- The intermediate section provides several suggestions for various tasks that build on this knowledge.
- The advanced and expert sections focus on gaining this experience through ctf challenges.
Introductory Level Learning
The introductory learning section focuses on exposure to alternative operating systems & learning about fundamental networking technologies. These are required skillsets for any discipline in computer security.
Before we move onto any advanced concepts, we first need to get familiar with virtualization, the some windows-alternative operating systems, and basic networking concepts. This can take quite a bit of time and there are no 'definitive' goals, which can be frustating for goal-oriented minds.
Get comfortable with 'virtual machines.' You're going to need to work on lots of systems - playing with internals, breaking them, setting up labs etc. Desktop virtualization is one of the most resource-efficient way to make this happen. The following are some resources on getting this process started.
- The Beginner's Guide to Creating Virtual Machines with VirtualBox
- Oracle VM VirtualBox User Manual
- VMware Virtualization Overview
Networking Lab with Virtual Machines
Networking is about 'how computers commmunicate' and to get hands on experience, we need to have multiple computers at our disposal that can be reconfigured quickly. The most effective way to do this is with light-weight virtual machines. I recommend having a desktop or laptop with at least 8GB of memory (16GB preferred) and a solid state drive (128GB+) that will run virtualbox. The solid state drive will greatly improve the performance of this sytem when working with multiple virtual machines.
We can leverage very minimal operating systems with minimal amounts of RAM on our host system to run lots of these simultaneously and construct virtual networking labs.
I recommend experimenting with openwrt. OpenWRT is a lightweight linux distrubtion customized to run on networking hardware. However, we also run OpenWRT in virualbox relatively easily with minimal resources, to get some more in-depth hands-on-experience with networking fundamentals. A guide to running OpenWRt in virtualbox is available here.
I recommend setting up a 5$/month virtual server using digitalocean. This provides a basic introduction to command-line only access to an operating-system as well as a test bed for playing with server configuration. Be aware that this server is "on the internet" anyone can get to it and without the proper knowledge of how to secure it, it will be vulnerable and potentially get compromised. Until you are comfortable in your knowledge of linux and how to secure a server, I would not store any data on this machine that you wouldn't hand out freely to anyone. This machine, like any other virtual machine, can be rebuilt easily and on demand, which is ideal for learning on.
DigitalOcean provides various tutorials that are practical in nature and provide some immediate, hands-on exposure to the basics. Some good starting materials are:
- An Introduction to Cloud Hosting
- How To Create Your First DigitalOcean Droplet Virtual Server
- An Introduction to the Linux Terminal
- Basic Linux Navigation and File Management
- An Introduction to Linux Permissions
- An Introduction to Linux I/O Redirection
- How To Set Up SSH Keys
- How To Connect To Your Droplet with SSH
- How To Use Top, Netstat, Du, & Other Tools to Monitor Server Resources
- How To Use Nmap to Scan for Open Ports on your VPS
- Initial Server Setup with Ubuntu 14.04
- Additional Recommended Steps for New Ubuntu 14.04 Servers
- How To Set Up a Host Name with DigitalOcean
- An Introduction to Securing your Linux VPS
One of the most important tasks to learn at this point is how to find information. Take care to become very familiar with the linux man page documentation. Learn how to search the documentation and how to find the information you're looking for - this will be one of the most valuable resources at your disposal.
Remember to read the following:
man man man apropos
Intermediate Level Learning
The intermediate section delves deeper into more funadamentals, heavily focused on the linux operating system, additional tools, and basic scripting (programming in high-level languages), which is an essential skillset for any any discipline in computer security.
Things To Do
- Study & monitor your shell server logs. Figure out how to identify malicious traffic and ensure that it's being blocked.
- Setup a cloud server and secure it.
- Setup a command-line irc client on your cloud server and run it in a persistent shell. Familiarize yourself with irc.
- Setup a command-line mail client on your server.
- Setup pgp with your command-line mail client.
- Use your shell server to tunnel traffic through an SSH proxy.
- Linux Operating System
- GNU Bash & Shell Scripting
- Sed, Awk & Gawk
- Regular Expressions
- Python Programming
Advanced Level Subjects
The advanced materials branch into advanced level subject areas. Typically, a career in computer security will require only passing knowledge from all these areas, with an in-depth knowledge of those areas specifically related to a particular career field.
The following two 'challenges' are security related and require 'thinking outside the box'. I consider them to be a good introduction to computer security.
The Linux Operating System
- Linux From Scratch
- Linux Kernel In a Nutshell
- User Mode Linux
- Linux Device Drivers, 3rd Edition
- Understanding the Linux Virtual Memory Manager
- Unix Network Programming with TCP/IP
The Windows Operating System
- Windows Internals, Part 1 (6th Edition) (Developer Reference)
- Windows Internals, Part 2 (6th Edition) (Developer Reference)
Open-Source Software Development Tools
- Machine Language For Beginners
- WikiBooks - x86 Disassembly
- Linux Assembly Language Megaprimer
- Windows Assembly Language Megaprimer
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration
- The Life of Binaries
- Linkers & Loaders
- Flows Analysis & Network Hunting
- Hacking Techniques & Intrusion Detection
- Introduction to Network Forensics
- Pcap Analysis & Network Hunting
- Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
Web Application Security
Expert Level Subjects
These materials dive deeply into the most advanced topics in computer security.
- The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics
- Digital Forensics with Open Source Tools
- Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry
- File System Forensic Analysis
- The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
- Rootkits: What they are, and how to find them
- Fundamentals of Cryptology - A Professional Reference and Interactive Tutorial
- Theory and Practice of Cryptography and Network Security Protocols and Technologies
- Cryptography and Security in Computing
- Applied Cryptography and Network Security
Exploitation & Vulnerabilities
- Buffer Overflow Exploitation Megaprimer
- Format String Vulnerabilities Megaprimer
- Exploit Research Megaprimer
- Metasploit Framework Course Materials
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
- Reverse Engineering for Beginners
- Introduction To Reverse Engineering Software
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
- The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
- Invent with Python: Hacking Secret Ciphers with Python
- Gray Hat Python: Python Programming for Hackers and Reverse Engineers
- Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
- Black Hat Python: Python Programming for Hackers and Pentesters
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
- Reverse Engineering Malware
- Computer Security Manuals & References
- Computer Security Challenges