Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Beginning Web Security? [closed]

Tags:

security

I just came back from a hackers conference about internet security and I'm interested in learning web security and protecting companies from hackers. But I don't know where to start and what languages to learn..

Could anybody point me in the right direction for this?

like image 621
user377419 Avatar asked Jul 18 '10 00:07

user377419


People also ask

What does a lock icon symbolize Besides a website name?

The lock symbol and related URL containing “https” simply mean that the connection between your web browser and the website server is encrypted, which is important. It prevents others from eavesdropping or intercepting your communication between your browser and the website's server.

What is basic web security?

In general, web security refers to the protective measures and protocols that organizations adopt to protect the organization from cyber criminals and threats that use the web channel. Web security is critical to business continuity and to protecting data, users and companies from risk.

What are Web security issues?

A security issue is any unmitigated risk or vulnerability in your system that hackers can use to do damage to systems or data. This includes vulnerabilities in the servers and software connecting your business to customers, as well as your business processes and people.

How can I check to see if a website is safe?

Look at the URL of the website. If it begins with “https” instead of “http,” it means the site is secured using an TLS/SSL certificate (the s in https stands for secure). TLS certificates secure all of your data as it is passed from your browser to the website's server.


2 Answers

Everyone has their own philosophy of security. Developing your own philosophy is vital. This is the reason why Bruce Schneier is so popular, and I read every blog post.

In the current state of security the landscape is littered with security systems that fail. I believe this is because of the following quote.

"What I cannot create, I do not understand."

--Richard Feynman

Learning how to break software is the most important step in learning in how to protect it from attack. You must find vulnerabilities in software and write exploit code.

like image 190
rook Avatar answered Oct 21 '22 11:10

rook


This is kind of an enormous field. People make lifetime careers from it. As a beginner, you'll want to learn:

  • HTML, XML and XHTML
  • Javascript, and once you know it, read about cross-site scripting attacks
  • SQL, and once you know the basics, injection attacks
  • Basics about hashes, salts, public key encryption, and how HTTPS works
  • How certificates work

That should be a good start.

like image 2
Reinderien Avatar answered Oct 21 '22 12:10

Reinderien