The main motivation of this post is that it seems more and more frequent (if not more frequent if too frequent) to find people who ask about starting in the world of hacking.
there is a whole series of knowledge that we consider necessary to start with computer security. For reasons that do not come to mind, I prefer to call it computer security xD. (no thing is secure for me ) but i post on a white hat blog so i must say this :)
The intention of the post is not to explain systems, services or networks, if not simply enumerate this knowledge and maybe if you see it necessary to make some hyperlink to some explanation. The idea is that the post is expanding with things that you consider necessary.
- Administration of users and groups
- GNU / Linux package systems
- Permissions, GPOs
- File systems
- Boot loaders -
Active Directory / LDAP
- System motorization
- Using logs
- Processes and priorities
- BASH and POWERSHELL
- Types of networks, and topologies
- OSI model
- IPv4 addressing, Subnneting, CIDR, VLMs IPv6
- TCP, UDP, ICMP, ARP
- Collision and broadcast domains
- Routing, RIP, OSPF, BGP, EIGRP
- Types of NAT
- VPN, SSL, IPSec
- Firewalls, IDS, IPS
- 802.11 and other wireless technologies
- Principles of the entity-relationship model, standardization
- Creation and modification of databases.
- SQL - PL / SQL
- Client-Server Model
- HTTP, HTTPS
- POP3, IMAP
- Algorithm fundamentals
- Some scripting language, al consumer taste.
- C #, C ++, JAVA or some other language.
- Pointers, memory handling
- Using Debuggers, Compilers
- As we advance and prefigure we will find more necessary the use of English, because much of the documentation in that language is found.
It is necessary to understand that many of these subjects are transversal to the computer security to "deepen" in its knowledge. It is not the same to know SSH, than to know how to use it and to fortify it.
Any contribution of knowledge that you consider important I add. Some may not consider many of these important things to use many tools. And he's right. But the goal when studying computer security should not be to know how to use tools, it should be to understand them. It is of no use knowing how to use Zenmap / Nmap if we do not know that it is an ACK.
PS I'm sure I forget to include many things no i didn't because there is a great article that was puplished here before you can read it here