What to learn for IT Security/Hackers.

[styxxxola]

So, I'm just asking what is the rough outline of languages and programs I need to learn and understand to become an awesome security person! Yay!

Other than programming languages like C/C++, C#, Java, etc.
What else will I need to learn? From the basics up to advanced?

XHTML, SQL Injecting, TCP/IP classes, etc...

I need a list of pretty much everything to get me headed in the right direction.
I hope that's not too vague or asking for too much.

I just want to get my foot in the door in understanding the Internet a little bit more.

I've got A+, C/C++ knowledge, other than that, I'm just a gamer.

 

[berry120]

Security is a minefield - and an ever changing one at that. But before you can understand the details of XSS exploits, how SQL injections work and what buffer overflows are you need to understand the underlying technologies behind them.

Anyone can Google for certain exploits, get a rough idea of what they do and subsequently exploit them. What separates the script kiddies from the real men here is who can find flaws in technologies in the first place and understand and show exactly how they work. There's very few who can do that successfully.

Then again, perhaps that shouldn't be surprising. Doing that requires an enormous amount of work - if you're serious about getting that far you need to honestly take a step back and just focus on learning how all these technologies work to their most intricate details. That requires a lot of time and effort!

So my advice would be to drop the "awesome security person" goal for the moment, pick some technologies and read up on them. Find out how they work, read up on known exploits in these technologies, understand how they work, work out how these exploits could be stopped and the mistakes made that meant they were introduced in the first place.