Getting Started In Info Sec
Saw this in passing on Mastodon and thought it was worth having
"to hand" as a sort of checklist for reference.
Here is what
@Munin, Keeper of Lore
Here's what I consider to be foundational concepts that you ought
to at least be aware of before going into infosec:
That should be a good basic manifest, and you'll doubtless
find out other things when you learn these.
- What a computer is, and what common operating systems are.
- What a software update is.
- What an application is.
- Where updates for applications come from vs. those for the OS.
- What it means when an OS or application is EOL
- What a network is
- What an IP address is
- What a netmask is
- What a gateway is
- What a route is
- What DHCP is
- What DNS is
- What a port is - and the difference between well-known ports and the others.
- How a TCP connection is set up
- How a UDP connection differs from a TCP connection
- What ARP is, and why you need it
- What a MAC address is, and how to change it
- Why a MAC address is not a unique identifier
- How to set up a network enclave
- What NAT is
- What a firewall is
- How a connection gets from point A to point B on the internet
- What nmap is and when you'd use it
- What a file hash is
- Why it is not encryption
- What happens when a file is written in the OS
- What happens when a file is deleted in the OS
- What file formats are and how they're detected
- Basic understanding of HTTP and how it differs from HTTPS
- What happens when you send an email
Once you know about these things, we can talk about stuff
like the principle of least privilege and all that jazz,
and talk about how to work on securing your assets and
Suggested by another colleague:
- I'd add "why encryption without authentication isn't good enough"
- ... "a basic understanding of encryption and cipher modes"
- what fragmentation is ...
- There are or have apparently been known attacks involving taking
advantage of what different OSs do with overlapping fragments.
If you send what appears to be the same packet fragmented different
ways, but actually gluing the various bits together you find that
the overlaps are different, you may be able to get away with stuff.
- Is it worth mentioning IP options, IPv6 extension headers etc.?
- What switches do when they don't know where the destination MAC address is.
- You can make a switch forget a MAC address it once knew. For example,
send it stuff from lots of made up MACs so it has to throw away ones
it knows to make room for them.
- Should we know stuff like understanding how a computer boots and how
bad'uns can interfere there? Master boot records, and similar.
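The overlapping-fragment point above, as an added example (not part of the original list or the colleague's suggestions): a monitoring tool can rebuild the same fragments under "first copy wins" and "last copy wins" rules and flag any datagram whose overlapping bytes disagree, since that is exactly the case where two hosts would see different data. The fragments are constructed sample data and use plain byte offsets for simplicity (real IP counts fragment offsets in 8-byte units); the function names are hypothetical.

```python
# Added illustration; fragment values below are constructed, not captured traffic.
from typing import Iterable, List, Tuple

Fragment = Tuple[int, bytes]  # (byte offset into the payload, fragment data)


def reassemble(fragments: Iterable[Fragment], policy: str) -> bytes:
    """Rebuild a payload, resolving overlaps with 'first' or 'last' copy wins."""
    if policy not in ("first", "last"):
        raise ValueError("policy must be 'first' or 'last'")
    buf = {}  # byte position -> byte value
    for offset, data in fragments:  # processed in arrival order
        for i, b in enumerate(data):
            pos = offset + i
            if policy == "last" or pos not in buf:
                buf[pos] = b
    if not buf:
        return b""
    size = max(buf) + 1
    if len(buf) != size:
        raise ValueError("hole in payload: a fragment is missing")
    return bytes(buf[p] for p in range(size))


def conflicting_overlaps(fragments: Iterable[Fragment]) -> List[int]:
    """Byte positions written more than once with *different* values."""
    seen = {}
    conflicts = set()
    for offset, data in fragments:
        for i, b in enumerate(data):
            pos = offset + i
            if pos in seen and seen[pos] != b:
                conflicts.add(pos)
            seen.setdefault(pos, b)
    return sorted(conflicts)


# Constructed samples: one ambiguous datagram, one harmless retransmission.
CONFLICTING = [(0, b"AAAAAAAA"), (4, b"BBBBBBBB")]
BENIGN = [(0, b"AAAAAAAA"), (4, b"AAAACCCC")]

if __name__ == "__main__":
    for name, frags in (("conflicting", CONFLICTING), ("benign", BENIGN)):
        print(name,
              reassemble(frags, "first"),
              reassemble(frags, "last"),
              "ALERT" if conflicting_overlaps(frags) else "ok")
```

Overlaps that carry identical bytes are ordinary retransmission; only overlaps with differing bytes make the reassembled result depend on the receiver's policy, which is why the check alerts on those alone.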