at http://chris-goff.com/ or follow him at https://www.linkedin.com/in/goffchris
There's a lot of info packed in here, and it's pretty technical. But you don't have to memorize it all now and there won't be a test! Just skim it, enjoy it and bookmark it!
Information Security Learning Resources
or information security for the self-learner
by Chris Goff
This is the result of many years of notes. This is by no means an exhaustive list, nor the definitive path to information security.
If you come across a dead link, use the Internet Archive Wayback Machine (https://www.archive.org).
Bookmark these Google Search cheat sheets; they will come in handy:
Official Google Cheat Sheet - http://www.google.com/help/cheatsheet.html
Google Advanced Operators Cheat Sheet - http://www.googleguide.com/print/adv_op_ref.pdf
Learning How To Learn - http://l.goodbits.io/l/407nqn1n
Here are three core competencies within information technology that will provide a solid foundation on which to start a security career:
- Systems Administration
- Network Administration
The core competencies are not a requirement; however, be aware that InfoSec is expected to be a Subject Matter Expert (SME) on most topics. If you wish to be successful, diversity of knowledge is key.
“Fast, cheap, and reliable. Choose two.”
Awesome Sysadmin - https://github.com/n1trux/awesome-sysadmin
Top 10 Tenets of a System Administrator - https://github.com/Leo-G/DevopsWiki/wiki/Top-10-tenets-of-a-System-Administrator
Understand how Operating Systems work at a low level
o Operating Systems: Three Easy Pieces - http://pages.cs.wisc.edu/~remzi/OSTEP/
o Linux From Scratch - http://linuxfromscratch.org/index.html
o Kernel - https://kernel.org/doc/html/latest/
o Hack The Kernel - https://www.ops-class.org/
o linux-insides - https://0xax.gitbooks.io/linux-insides/content/index.html
o levin/ux - http://mikelev.in/ux/
o Active Directory
o Group Policy
o File sharing in a Windows Environment (permissions, etc.)
o Windows Update Services (WSUS)
o System Center Configuration Manager (SCCM)
o Event Logs
§ See resources under Programming
o Office 365 (administration and architecture)
o Windows Firewall
Direct Download Links to the Official Microsoft ISO images - https://www.heidoc.net/joomla/technology-science/microsoft/
http://ss64.com/ - command line reference
http://www.nirsoft.net/ - amazing little tools
o Learn Debian and Red Hat Linux or a derivative thereof (Ubuntu, CentOS). These are the two most popular distributions for getting stuff done.
§ The Debian Administrator’s Handbook - https://debian-handbook.info/browse/stable/
o Apache, nginx
o salt, ansible, Puppet, chef
§ Getting Started with SaltStack - https://techarena51.com/index.php/getting-started-with-saltstack/
§ One day BASH Crash Course - https://aliteralmind.wordpress.com/2015/01/10/bashcrash/
§ BASH guide - http://mywiki.wooledge.org/BashGuide
Learn X in Y minutes BASH scripting - http://learnxinyminutes.com/docs/bash/
§ Explain Shell - http://www.explainshell.com/
§ ShellCheck - http://www.shellcheck.net/
o Package Management (apt, yum, etc.)
o Learn the most common command line utilities (grep, awk, sed, etc.)
§ Guide to Unix Command Line Utilities - https://en.wikibooks.org/wiki/Guide_to_Unix/Commands/File_System_Utilities
The magic of strace - http://chadfowler.com/2014/01/26/the-magic-of-strace.html
The Hacker Ways: Gentle Introduction to the Command Line and UNIX toolset - http://juanreyero.com/hacker-ways/index.html
Unix Toolbox - http://cb.vu/unixtoolbox.xhtml
§ Awk in 20 minutes - http://ferd.ca/awk-in-20-minutes.html
§ grep basics - http://www.grymoire.com/Unix/Grep.html
o iptables / netfilter
o UNIX Mages - http://www.unixmages.com/
o Tips for Linux Explorers - http://www.brunolinux.com/
o Rosetta Stone for Unix - http://bhami.com/rosetta.html
o Linux command line examples - http://www.examplenow.com/
o The UNIX School - http://www.theunixschool.com
o nixCraft - https://www.cyberciti.biz/
o UNIX Command Line - http://www.unixcl.com/
§ The FreeBSD Handbook - https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
§ The OpenBSD documentation is very good. Use man liberally.
§ The Quick Guide to OpenBSD - http://nickh.org/computer/OBSDQuick.html
§ Absolute OpenBSD by Michael Lucas
§ The Book of PF by Peter N. M. Hansteen
That Grumpy BSD Guy - http://bsdly.blogspot.com/
§ pf – The amazing packet filter
o Structured Query Language (SQL) - https://en.wikipedia.org/wiki/SQL
o MySQL and Microsoft SQL are popular SQL options
SQL Tutorial - http://www.w3schools.com/sql/default.asp
§ PostgreSQL Exercises - https://www.pgexercises.com/
Log management and system monitoring
Graylog - https://www.graylog.org/
o Cacti - http://www.cacti.net/
Nagios - https://www.nagios.org/
o Understand what a hypervisor is and how it works - https://en.wikipedia.org/wiki/Hypervisor
o Understand Storage Area Networks - https://en.wikipedia.org/wiki/Storage_area_network
o iSCSI knowledge is helpful.
§ Starwind iSCSI Initiator for Windows - https://www.starwindsoftware.com/iscsi-initiator
§ Be familiar with vSphere. Consider a VCP certification or browsing through the blueprints for the latest release.
§ I recommend purchasing a copy of VMware Workstation (or VMware Fusion if you are on a Mac), especially if you are going to be building labs. Note that you can build out an ESXi architecture within VMware Workstation; just make sure you have plenty of CPU and RAM (VMware Configuration Maximums: https://www.vmware.com/pdf/vsphere6/r60/vsphere-60-configuration-maximums.pdf). The VMware Communities are chock full of useful information for both learning and troubleshooting.
§ Download VMware evaluation software - http://www.vmware.com/try-vmware.html
§ Yellow Bricks - http://www.yellow-bricks.com/
§ vReference - http://www.vreference.com/
§ VMware Best Practices – http://communities.vmware.com/community/viops
§ AutoLab - http://www.labguides.com/autolab/
§ VMware Hardening Guides: http://www.vmware.com/security/hardening-guides.html
§ Microsoft Virtual Academy Courses - https://mva.microsoft.com/training-topics/virtualization#!lang=1033
o Containers (http://merrigrove.blogspot.com/)
§ Docker for Beginners - http://prakhar.me/docker-curriculum/
o Learn how to automate and orchestrate
o Amazon Web Services (AWS)
- The Practice of System and Network Administration by Thomas A. Limoncelli and Christina J. Hogan (http://everythingsysadmin.com)
- Server Fault - http://serverfault.com/
- Super User - http://superuser.com/
- Petri IT Knowledgebase - https://www.petri.com/forums/
- League of Professional System Administrators - http://lopsa.org/
- IT Service Management Webcasts - https://www.brighttalk.com/community/it-service-management/webcasts
- Sysadmin Casts - https://sysadmincasts.com/
- CommandlineFu - http://www.commandlinefu.com
- Ops School Curriculum - https://ops-school.readthedocs.org/en/latest/
RFC 1925: The Twelve Networking Truths - https://tools.ietf.org/html/rfc1925
The OSI model - https://en.m.wikipedia.org/wiki/OSI_model
o Note that the OSI model is not a rigid definition of where a protocol should sit on the network stack. For example, MPLS (https://en.wikipedia.org/wiki/Multiprotocol_Label_Switching) “sits” between layers 2 and 3.
Read the Request For Comments (RFCs) - https://www.rfc-editor.org/rfc.html
o Network Sorcery RFC Sourcebook - http://www.networksorcery.com/enp/default.htm
o IPv6 - https://en.wikipedia.org/wiki/IPv6
§ If your ISP does not offer native IPv6, you can use a tunnel broker such as Hurricane Electric (http://he.net/). Hurricane Electric also offers a free IPv6 certification process which is an excellent learning tool: https://ipv6.he.net/certification/.
o IPsec - https://en.wikipedia.org/wiki/IPsec
o Virtual Private Network (VPN) - https://en.wikipedia.org/wiki/Virtual_private_network
§ OpenVPN - https://openvpn.net/
Inter-VLAN routing (http://www.firewall.cx/networking-topics/vlan-networks/222-intervlan-routing.html)
§ How DNS Works (https://howdns.works/)
§ Understanding DNS (http://www.tech-faq.com/understanding-dns-queries-and-lookups.html)
§ DNS for Rocket Scientists (http://zytrax.com/books/dns/)
§ Why DNS is awesome and why you should love it (https://blog.skullsecurity.org/2015/if-youre-a-pentester-you-should-love-dns)
§ IP, TCP, and HTTP - https://www.objc.io/issues/10-syncing-data/ip-tcp-http/
o MFA (Multi-factor authentication)
o OTP (One Time Password)
o PKI (Public Key Infrastructure)
Switching / Layer 2
o Ethernet - https://en.wikipedia.org/wiki/Ethernet
§ Wireless Ethernet - https://en.wikipedia.org/wiki/IEEE_802.11
Virtual LAN (VLAN) - https://en.wikipedia.org/wiki/Virtual_LAN
o Difference between a VLAN and a subnet - http://networkengineering.stackexchange.com/questions/1029/difference-between-subnet-and-vlan
o Firewall.cx - http://www.firewall.cx
o Internet Firewalls FAQ - http://www.interhack.net/pubs/fwfaq/
Network Access Control
o Port-based NAC - https://en.wikipedia.org/wiki/IEEE_802.1X
o How Proxies Work - https://parsiya.net/blog/2016-07-28-thick-client-proxying---part-6-how-https-proxies-work/
Network Time Protocol (NTP)
Intrusion Detection and Prevention
- Interconnections: Bridges, Routers, Switches, and Internetworking Protocols by Radia Perlman.
- Network Security: Private Communication in a Public World by Radia Perlman.
- The TCP/IP Guide is one of my favorite books and is freely available online: http://www.tcpipguide.com/.
- CCNA/CCENT Training Course - https://www.youtube.com/playlist?list=PLmdYg02XJt6QRQfYjyQcMPfS3mrSnFbRC
- You Down With BGP? - https://www.youtube.com/watch?v=RT-1DU33xIk&feature=youtu.be ;-)
- PacketLife - http://packetlife.net/
- Router god - http://www.routergod.com/
- Router Freak - http://www.routerfreak.com/
- MX Toolbox - http://mxtoolbox.com/
- The Network is reliable - https://aphyr.com/posts/288-the-network-is-reliable
- Building a small DC - https://v.gd/gjEERc
- PacketLife Cheat Sheets - http://packetlife.net/library/cheat-sheets/
- The Packet University - http://www.packetu.com/
- iproute2 cheat sheet - http://baturin.org/docs/iproute2/
- Linux advanced routing and traffic control - http://lartc.org/lartc.html
- Wireshark - https://www.wireshark.org/
- Publicly available PCAP repositories - http://www.netresec.com/?page=PcapFiles
- Packet Bomb - http://packetbomb.com/
- tcpdump101 - http://tcpdump101.com/
- Cisco Packet Tracer - https://www.netacad.com/about-networking-academy/packet-tracer/
- GNS3 Graphical Network Simulator – http://www.gns3.net/
- EtherealMind - http://etherealmind.com/
- Packet Pushers - http://packetpushers.net/
Programming / Scripting
A common response to programming from operations folks is “I don’t need that”.
If you want to take your skills to the next level, I recommend learning a scripting language (e.g. Python or PowerShell) and a “real” programming language (e.g. C). Having a detailed understanding of how computers work will change the way you perceive security, and give you a newfound respect for the difficulty of creating secure (and usable) software. If you plan on doing any of the “sexy” things in security (pen testing) effectively, you will need to be able to get around in a programming environment.
If you have trouble learning programming: consider a project you are working on and how you might automate it using a script. When you’ve automated something, work on improving the efficiency of the script including documentation and error control.
Learn how to use a good text editor. Some common ones include vim, Atom, Sublime Text, Notepad++, and nano.
Programming Languages and Tools - http://hyperpolyglot.org/
Scripting - http://www.robvanderwoude.com/
Learn X in Y Minutes - https://learnxinyminutes.com/
Free programming books - https://github.com/vhf/free-programming-books/blob/master/free-programming-books.md
“This is the UNIX philosophy: Write programs that do one thing, and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface.” – Doug McIlroy
- Small is beautiful
- Make each program do one thing well.
- Build a prototype as soon as possible.
- Choose portability over efficiency.
- Store data in flat text files.
- Use software leverage to your advantage.
- Use shell scripts to increase leverage and portability.
- Avoid captive user interfaces.
- Make every program a filter.
“Computers do calculations, and remember the results of those calculations. Two things, and two things only.”
Memory
o Stack, heap, pointers, buffer overflows
Assembly, computer organization (architecture)
o Hacker's Delight (http://www.hackersdelight.org/)
o David Poplowski’s Page, Michigan Technical University, Department of Computer Science (http://www.cs.mtu.edu/~pop/)
o “Think of assembly instructions as the DNS of CPUs. Opcodes would be analogous to IP addresses.”
o Object Oriented
o Patterns - book by the Gang of Four
o Server and client side
o Cross site scripting
o AJAX/Asynchronous requests
o REST (stateless versus stateful)
o Load balancing, sessions across multiple servers
SQL, relational databases
o How does data map?
o Indexes, SQL injection, etc.
§ SQL Pattern Matching
§ Pattern Matching in Search Conditions - https://technet.microsoft.com/en-us/library/ms187489(v=sql.105).aspx
§ LIKE (Transact-SQL) - https://msdn.microsoft.com/en-us/library/ms179859.aspx
§ MySQL Pattern Matching - http://dev.mysql.com/doc/refman/5.7/en/pattern-matching.html
o Entity Framework
Write lots of programs
Write lots of programs
Look at other people's code (open-source)
o Github, Bitbucket etc.
§ git, the simple guide - http://rogerdudler.github.io/git-guide/
o Swim lanes (different environments)
- Getting Started With Microsoft PowerShell
- The PowerShell Best Practices and Style Guide
- Hey, Scripting Guy!
- TechNet Virtual Lab: Introduction to Windows PowerShell
- Windows PowerShell Survival Guide
- PowerShell Classes on Channel 9
- Learn Windows PowerShell in a Month of Lunches by Don Jones (YouTube Channel)
- Windows PowerShell Cookbook by Lee Holmes
- PowerScripting Podcast
- PowerShell Resources - Put together by Warren F
- C Programming - http://www.lysator.liu.se/c/
- C Puzzles - http://www.gowrikumar.com/c/index.php
- Learn C Programming by Robert Elder
- Illustrating C by Donald Alcock
- Practical C Programming by Steve Oualline
- Absolute Beginner's Guide to C by Greg Perry
- The C Book
- Learn C The Hard Way
- Rules for defensive C programming
- 10 Rules for Writing Safety Critical Code (PDF)
- Network Automation with Python - https://www.youtube.com/watch?v=eiYemtNKS-M&list=PLtw40n4ybvFoHoigW7IwITNilmZn2cfNv