This is an opinionated guide to learning about computer security (independently of a university or training program), starting with the absolute basics (suitable for someone without any exposure to or knowledge of computer security) and moving into progressively more difficult subject matter.
It seems that most people don’t realize how much information is actually available on the internet. People love to share (especially geeks) and everything you need to become well versed in computer security is already available to you (and mostly for free). However, sometimes knowing where to start is the hardest part - which is the problem that this guide is intended to address. Therefore, this guide can accuratley be described as a ‘guide to guides’, with additional recommendations on effective learning and execises, based on my own experiences.
Many of the free resources are the best resources and this guide focuses on them. It is intended to provided a comprehensive plan for learning about computer security as inexpensively as possible. However it’s not completely free. As the guide moves onto more complicated materials, more ‘non-free’ resources are referenced, as they become some of the best available sources of information.
The introductory & intermediate sections contain materials & recommendations that I considered to be fundamental knowledge for any computer security discipline. They are oritiented towards more ‘practical’ knowledge and hands-on learning than the latter sections, which delve more deeply into the necessary theory (but are also accompanied by recommendations how to get practical experience).
One of the things I realized while writing this was that by the time someone got to the advanced & expert sections, this guide will be of little use as they’ll know enough about computer security to know what they need to study on their own. Those sections are intended more of us a ‘look-ahead’ for a novices, to give them some exposure of what they’re getting themselves into.
Getting Started
Computer Security
Some intresting articles on getting started in computer security:
- How to Break Into Security
- What I Wish I Knew Before Studying Computer Security in College
- The Security Mindset
- Hacker’s Manifesto
Learning Effectively
Learning computer security is a huge endevour. There is lots of research on ‘optimal learning’ techniques.
- Teaching Smart People How to Learn
- The lesson you never got taught in school: How to learn!
- Learning How to Learn: Powerful mental tools to help you master tough subjects
- How to Use Google Search More Effectively
Time Management
Because there are so many materials to study, I recommend taking advantage of your ‘dead-time’. With some basic tools, you can study at the doctor’s office, while waiting in the car, on breaks at work, etc. The basic requirement is a reading device like a smartphone or tablet.
If you can, get a device and preload it with the books and videos referenced below. Keep it with you at all times and get accustomed to studying whenever an opportunity presents itself.
If you find that you have lots of ‘dead-time’, then a good addition to your ‘portable training kit’ would be a small-form-factor notebook running Linux. A slightly more expensive option (but with much better hardware) would be to get a new chromebook & install Linux on it.
Practice
Hands-on experience is the cornerstone of learning computer security. This can come in many forms. This guide provides the several recomendations as effective ways to gain this experience:
- The introductory section focuses on getting familiar with virtual machines and windows-alternative operating systems to accomplish this task.
- The intermediate section provides several suggestions for various tasks that build on this knowledge.
- The advanced and expert sections focus on gaining this experience through ctf challenges.
Introductory Level Learning
The introductory learning section focuses on exposure to alternative operating systems & learning about fundamental networking technologies. These are required skillsets for any discipline in computer security.
Before we move onto any advanced concepts, we first need to get familiar with virtualization, the some windows-alternative operating systems, and basic networking concepts. This can take quite a bit of time and there are no ‘definitive’ goals, which can be frustating for goal-oriented minds.
Desktop Virtualization
Get comfortable with ‘virtual machines’. You’re going to need to work on lots of systems - playing with internals, breaking them, setting up labs etc. Desktop virtualization is one of the most resource-efficient way to make this happen. The following are some resources on getting this process started.
- The Beginner’s Guide to Creating Virtual Machines with VirtualBox
- Oracle VM VirtualBox User Manual
- VMware Virtualization Overview
Networking Lab with Virtual Machines
Networking is about ‘how computers commmunicate’ and to get hands on experience, we need to have multiple computers at our disposal that can be reconfigured quickly. The most effective way to do this is with light-weight virtual machines. I recommend having a desktop or laptop with at least 8GB of memory (16GB preferred) and a solid state drive (128GB+) that will run VirtualBox. The solid state drive will greatly improve the performance of this sytem when working with multiple virtual machines.
We can leverage very minimal operating systems with minimal amounts of RAM on our host system to run lots of these simultaneously and construct virtual networking labs.
I recommend experimenting with OpenWRT. OpenWRT is a lightweight Linux distrubtion customized to run on networking hardware. However, we also run OpenWRT in VirtualBox relatively easily with minimal resources, to get some more in-depth hands-on-experience with networking fundamentals. A guide to running OpenWRt in VirtualBox is available here.
Cloud Virtualization
I recommend setting up a 5$/month virtual server using DigitalOcean or Amazon EC2. This provides a basic introduction to command-line only access to an operating-system as well as a test bed for playing with server configuration. Be aware that this server is “on the internet” anyone can get to it and without the proper knowledge of how to secure it, it will be vulnerable and potentially get compromised. Until you are comfortable in your knowledge of Linux and how to secure a server, I would not store any data on this machine that you wouldn’t hand out freely to anyone. This machine, like any other virtual machine, can be rebuilt easily and on demand, which is ideal for learning on.
DigitalOcean provides various tutorials that are practical in nature and provide some immediate, hands-on exposure to the basics. Some good starting materials are:
- An Introduction to Cloud Hosting
- How To Create Your First DigitalOcean Droplet Virtual Server
- An Introduction to the Linux Terminal
- Basic Linux Navigation and File Management
- An Introduction to Linux Permissions
- An Introduction to Linux I/O Redirection
- How To Set Up SSH Keys
- How To Connect To Your Droplet with SSH
- How To Use Top, Netstat, Du, & Other Tools to Monitor Server Resources
- How To Use Nmap to Scan for Open Ports on your VPS
- Initial Server Setup with Ubuntu 14.04
- Additional Recommended Steps for New Ubuntu 14.04 Servers
- How To Set Up a Host Name with DigitalOcean
- An Introduction to Securing your Linux VPS
Man Pages
One of the most important tasks to learn at this point is how to find information. Take care to become very familiar with the Linux man page documentation. Learn how to search the documentation and how to find the information you’re looking for - this will be one of the most valuable resources at your disposal.
Remember to read the following:
man man
man apropos
Reference Materials
Linux
- Linux Fundamentals
- The Linux Command Line
- Ubuntu Pocket Guide & Reference
- Unix In A Nutshell
- Learning the Unix Operating System
- Unix Power Tools
Networking
- The TCP/IP Guide
- TCP/IP Fundamentals for Microsoft Windows
- Computer Networking Tutorial
- Free CCNA Training from PluralSight
- DNS for Rocket Scientists
- Wikiversity - Computer Networks
Security
Intermediate Level Learning
The intermediate section delves deeper into more funadamentals, heavily focused on the Linux operating system, additional tools, and basic scripting (programming in high-level languages), which is an essential skillset for any any discipline in computer security.
Things To Do
- Study & monitor your shell server logs. Figure out how to identify malicious traffic and ensure that it’s being blocked.
- Setup a cloud server and secure it.
- Setup a command-line IRC client on your cloud server and run it in a persistent shell. Familiarize yourself with IRC.
- Setup a command-line mail client on your server.
- Setup PGP with your command-line mail client.
- Use your shell server to tunnel traffic through an SSH proxy.
Reference Materials
Linux Operating System
GNU Bash & Shell Scripting
Sed, Awk & Gawk
PGP/GnuPG
Vim
Git
IRC
Regular Expressions
Python Programming
- Non-Programmer’s Tutorial for Python 2.6
- Learn Python The Hard Way
- Dive Into Python3
- Python Cookbook
- TheNewBoston - Python Programming Tutorials
- ShowMeDo Python Tutorials
Advanced Level Subjects
The advanced materials branch into advanced level subject areas. Typically, a career in computer security will require only passing knowledge from all these areas, with an in-depth knowledge of those areas specifically related to a particular career field.
Challenges
The following two ‘challenges’ are security related and require ‘thinking outside the box’. I consider them to be a good introduction to computer security.
Subjects
Networking
The Linux Operating System
- Linux From Scratch
- Linux Kernel In a Nutshell
- User Mode Linux
- Linux Device Drivers, 3rd Edition
- Understanding the Linux Virtual Memory Manager
- Unix Network Programming with TCP/IP
The Windows Operating System
- Windows Internals, Part 1 (6th Edition) (Developer Reference)
- Windows Internals, Part 2 (6th Edition) (Developer Reference)
Open-Source Software Development Tools
Assembly Language
- Machine Language For Beginners
- WikiBooks - x86 Disassembly
- Linux Assembly Language Megaprimer
- Windows Assembly Language Megaprimer
Computer Architecture
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration
- The Life of Binaries
- Linkers & Loaders
Network Security
- Flows Analysis & Network Hunting
- Hacking Techniques & Intrusion Detection
- Introduction to Network Forensics
- Pcap Analysis & Network Hunting
- Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
Web Application Security
Expert Level Subjects
These materials dive deeply into the most advanced topics in computer security.
Challenges
Subjects
Computer Forensics
- The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics
- Digital Forensics with Open Source Tools
- Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry
- File System Forensic Analysis
- The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
- Rootkits: What they are, and how to find them
Cryptography
- Fundamentals of Cryptology - A Professional Reference and Interactive Tutorial
- Theory and Practice of Cryptography and Network Security Protocols and Technologies
- Cryptography and Security in Computing
- Applied Cryptography and Network Security
Exploitation & Vulnerabilities
- Buffer Overflow Exploitation Megaprimer
- Format String Vulnerabilities Megaprimer
- Exploit Research Megaprimer
- Metasploit Framework Course Materials
- The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
Reverse Engineering
- Reverse Engineering for Beginners
- Introduction To Reverse Engineering Software
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
- The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler
Advanced Python
- Invent with Python: Hacking Secret Ciphers with Python
- Gray Hat Python: Python Programming for Hackers and Reverse Engineers
- Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
- Black Hat Python: Python Programming for Hackers and Pentesters
Penetration Testing
Malware Analysis
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
- Reverse Engineering Malware
External References
Computer Security Manuals & References
- O’Reilly - Open Books
- Tecmint - Free Linux Books
- FreeComputerBooks.com
- Free Programming Books
- Free Online Computer Science Classes
- Free Video Lectures from 30+ Universities
- Wikiversity
- SecurityTube Collections
- OpenSecurityTraining.info
Computer Security Challenges