[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /λ/ - 15611

File: 1460401037260.png (50.45 KB, 300x222, i have no idea.jpg)


Alright, so, I was recently accepted into a master's degree program in the computer science field. Specifically, it focuses on cyber security. This field is quite different than what I earned my bachelor's in and it was a steep hill to climb getting to this point. I did all the pre-requisite stuff and now I'm just waiting for September 2016 to arrive. To be frank, I was a bit surprised I was accepted into this program given my lack of an engineering/science degree, and I want to be as prepared as I possibly can be. What I need is a studying regimen.

I want to learn as much C++, Python, and networking essentials as I possibly can by September 1, 2016. I don't have to be a wizard by then. Just strong enough to follow a lecture without getting totally lost. I need some advice from you guys on what's the best schedule I can create for myself.

I currently work about 40 hours a week, five days a week between 4PM and about 1AM. This gives me two days a week off, plus afternoons to myself. The way I see it, I have
>4 hours every Sunday, Monday, Wednesday, Friday
>2 hours every Saturday
>All-day Tuesday and Thursday

What's the best way to use this time if I want to learn as much as possible in 4-5 months?


1. install gentoo
2. use it exclusively
3. set up tor
4. use it exclusively
5. set up a clear web server (can be a raspberry pi behind your router for 30 dollaz) with a valuable service (maybe owncloud/seafile?).
6. harden/pentest said server as much as you can
7. if you get bored write an application/plugin/addon for service from point 5 then repeat 6

not even joking about the first step, you will actually learn alot. from what i read, you have no idea what you are doing and are not exactly enthusiast (or have lack of experience in OSes/Security general). You should not focus that much on learning to program at first. security is more about concepts and protocols. You must understand those first. Many programmers I know, know shit/give shit about security.


>You should not focus that much on learning to program at first.
I don't think so. Knowing C is essential to understanding and finding new exploits. C isn't that hard to learn. Without prior knowledge you could get a solid understanding of it in about 4 weeks.


> C++
Learn C first. I'm serious. I learned C first, then C++, and C++ was not so hard as it could've been if I had to swallow all it's concepts at once.
I don't mean you become a C expert, because there are some things in C++ which are beyond the scope of C (like templates. C++ OOP is relatively easy to understand, but templates look like sorcery the first time you see them).
C++ is also a direct descendant of C, it was an OOP layer built on top of C originally, so C++ is not really an object oriented language in the full sense of the word. C++ uses idioms and constructs from C which involve making machine-level represenations of data and algorithms. Sequential stuff.
That and pointers. They're not so hard, and they come in C++ too.
And as a consequence: malloc() and free(). When you get to really undestand these concepts, C++'s new() and er... it's counter, are really just new versions of familiar concepts.
I learned a lot solving excercises. The part which I enjoyed the most (and from which I learned most) was making datastructures and operations on them. Make a binary tree, make a breadth first and a depth first search algorithm. Make a red/black tree, a suggest tree, and so on. Try and solve travelling salesman, and for your graduate project make a simple genetic algorithm.
Also linked lists of course, and circular linked lists, and dobly linked lists.
Solve some Project Euler.
Datastructures, a lot of them. And their algorithms


As to networking essentials, get beej's guide to socket programming. Learn about the OSI model, and the main application protocols such as HTTP, SMTP and so on. Also learn as much as you can about TCP and it's vulnerabilities. Learn what UDP is if just for reference.
Also learn some basic cryptography. Learn what is symmetric crypto and public-key crypto. Learn about hashes too, such as md5 and sha1, sha512, and so on.
Learn to use netcat, nmap, traceroute, ping, nslookup.


File: 1460438650398.png (72.68 KB, 200x160, wwjd.jpg)

I appreciate all the advice received so far. In particular this >>15612 looks like something I can do.

I'm not 100% clueless. I have A+ Certification and I'm familiar with the basics of Linux. I own a Raspberry Pi but never knew what to do with it so it just sits there. I'll look into the "clear web server" idea. I went to a "hacker workshop" for a few weeks. 75% of it was over my head but it was worth it just to hear some of the terminology and learn about tools that exist.

The only thing is I don't have the luxury of time.

I'm working slowly but surely on Net+ certification. I took the test a few months ago and failed by a hair. IP addresses are probably what killed me. The problem is I'll spend time reading about something, but when I actually sit down to do the thing I can't remember it. It would be good if I could set up some kind of virtual environment strictly for practicing networking so I could practice without screwing up internet in my house.


use anki to revise for tests


File: 1460565378455.png (734.82 KB, 200x125, G_PlayerReborn_by_Okaria.jpg)

That looks pretty sweet. Do you have a recommendation on how to practice setting up routers and the like? Should I just go buy a cheap one and mess around with it?


I've passed the A+, Net+, and Sec+. I watched Prof. Messer for A+ and Net+, skimmed a book for Sec+, and looked over the test objectives. I cannot emphasize enough how important it is to look over the test objectives. You can ignore the vocab section.


File: 1461042057559.png (8.48 MB, 200x132, mobo.jpg)

What did you find was the best way to master IP addressing schemes? I can only do the examples in my book so many times.


File: 1463902867935.png (4.14 MB, 200x150, honksuit.webm)

What are some things I can do with "gentoo?"

Anything fun? Anything creative?


Gentoo is just another distro. Managing your USE flags is fun but there isn't anything creative you couldn't do on another distro.


Install any Linux distro and learn bash.
Learn C, then C++, then Python.
Learn HTML, CSS, JavaScript and PHP (or any other alternative) (these are web development languages).
Buy or make your own server. Set up a something on there (maybe a website?)
Learn Lua.


Get to know your use flags, best by example this way. Use zero USE flags, then do per-package settings for the programs you use most such as your editor, just adding features as you need them, and so on.


File: 1464797671136.png (19.28 KB, 148x200, gentoo.jpg)

Based on the little bit of research I've been doing, it looks like the big benefit of Gentoo over other distros is that it will run very efficiently depending on how well you "tailor" it. I suppose there's a lot of benefits to that.

I'm curious to know what some of you do with your machines other than gaming and coding?


>the big benefit of Gentoo over other distros is that it will run very efficiently
Those who say this kind of things don't know what they're talking about. What's great about Gentoo is that you can configure it to behave the way you want it. A binary distro will most of the time compile its packages with every single possible options enabled because there's no way to really know what the users may need the packages for. This means that when you install a package on your machine, you'll need to install a huge amount on unneeded packages.
I for example encountered this problem when trying to install libnotify on debian. For whatever reason, it wanted to install the adwaita icon theme too. Which is stupid because I did not need any icon theme. I do not use icons.
This example can seem kind of inane, but I decided to use it because it was simple to understand. Other examples include being able to choose whether you want to use systemd or openrc, openssl or libressl, whether you want selinux enabled or not etc.

To be honest, switching to gentoo didn't make my system faster in any way. It even made booting slower as Systemd is way faster that OpenRc is (yes, even with 'rc_parallel="YES"'). But having a sane init system is really worth the few additional seconds of boot time.

The only "efficient" thing I noticed on Gentoo is that after a fresh boot (without starting X or anything else) the ram usage is lower than it is on a Debian minimal install. But I don't really care about using 30MB of ram instead of 60, I never ran out of ram in situations that didn't involve a memory leak.

>I'm curious to know what some of you do with your machines other than gaming and coding?

I use my main computer with DistCC. It compiles packages for my laptop and my raspberry pi, which I use to self-host a few services.


Gentoo is faster because the compiler gets to use optimisations specific to your hardware. This really doesn't add up to much though.


>Gentoo is faster because the compiler gets to use optimisations specific to your hardware.
This is only true if you set the CPU_FLAGS in your make.conf. Otherwise you'll get a vanilla binary. And even then, sometimes you'll end up disabling these optimizations because enabling them requires enabling other features in the software you want to compile. For example here are my CPU flags:
CPU_FLAGS_X86="avx avx2 mmx sse sse2 sse3 sse4_1 sse4_2 ssse3"
But I had to compile ffmpeg with these use flags:
media-video/ffmpeg -cpu_flags_x86_sse -cpu_flags_x86_sse2 -cpu_flags_x86_sse3 -cpu_flags_x86_ssse3 -cpu_flags_x86_sse4_1 -cpu_flags_x86_sse4_2 -cpu_flags_x86_avx -cpu_flags_x86_avx2
Because my CPU didn't support a specific useflag required for all the other optimizations to be enabled.

And even if your CPU was able to use every possible optimizations, you'll notice that very very few software actually use them. For example, if you take a look at SSE4 (which is, if I'm not mistaken optimization for vector operations), here are the software that actually use it:
(source : https://packages.gentoo.org/useflags/cpu_flags_x86_sse4_2)

This is a ridiculously small amout of software and I don't use any of them on a regular basis. Which means my system isn't faster at all.


You are still better than other package based distros.


>You are still better than other package based distros.
This sentence is completely meaningless. Better at what ? Ease of use ? No. Being a "faster" and "more efficient" general computing platform ? Nope, see >>16817 and >>16839. Configuration ? Alright, maybe.

There isn't a "better" distro, just like there isn't a "better" programming language or a "better" editor. There are different tools that all try to be good at something and most of the time they're good at that thing they try to be good at. But because being good at something involves making compromises they often have flaws too.

TL;DR: Gentoo isn't a "better" distro. It's a distro that's pretty good at being configurable.


>Better at what ?
Better at using CPU specific ISA. If Gentoo isn't good (compiling everything from stage 1 can be painful) then BSD port system or AUR CFLAGS are good too. I tested cflags on my own programs and other computanional benchmarks and they where much faster with native march option. For example it's bit lame releasing Ubuntu with i686 settings on 32bit when even old AMD CPUs support more ISA than that ancient platform.


This lainon is right,
if you are doing a cybersecurity field then its more based on understanding the background first (Networks, protocols, Machine code) then driving right into programming. Some of those courses may not require any programming at all (Security Policy course).

I would focus on understanding computer networks and C++ and reversing it.


File: 1477432538752.png (972.12 KB, 200x104, 1471150379873.jpg)

I figure I'd come back with some sort of update. I got Net+ certification on my second attempt, but I'm still struggling with finding time for coding.

Fortunately as it turns out, my master's program has been extremely light on programming so far. I think there will be some expectation that we should be able to read code, but writing it seems less essential at this stage.

At the advice of our program director, I've started studying Java. His recommendation was that learning code would eventually become a necessity in my career. I'm aiming for the Java Programmer I certification, so at least I'm on a path.

The funny thing I noticed though is that---after doing introductory studies of C++, Python, Lisp, etc.---I'm finally starting to "get it." It's almost like I had to learn the basics of a few different programming languages before I could finally start to really study one.

I "made" an ubuntu server, but I'm kind of at a loss as what to do with it now. I was wondering if I could host some kind of webcrawler on it (basically a program that archives internet content that's relevant to my coursework). Can anyone recommend some kind of relevant documentation?


I wrote a scraper for a very messy website using Oga for Ruby once, that made it really easy.

>It's almost like I had to learn the basics of a few different programming languages before I could finally start to really study one.

I know what you mean, I tried a bunch of languages at first, but didn't understand much and wasn't able to write anything myself until I started reading SICP.