This article has been posted for almost twenty years today and still holds great significance. Because technology is always changing, but people never change. Only a few people will ever truly master a craft, because only a few people will make the effort.
Sender: cloudsky (Xiao Si), Forum: Security
Subject: Have you done your best?
Posting Site: Wuhan Baiyun Huanghe Station (Mon Apr 17 19:52:54 2000), Internal Mail
Many people ask how to get started, but I don't know what door they are asking about.
I rarely have the patience to read certain good articles from beginning to end, but this time I truly understand. For example, Yuan Ge's sniffer principle, I always thought I understood it very well, so I never bothered to read Yuan Ge's article carefully. Later, one night, I was discussing with Yuan Ge how to directly obtain the MAC address through port read/write, why antisniff can obtain the real MAC address without being affected by MAC address modification techniques, and how to obtain the real MAC address in Linux. I always had doubts about port read/write in Linux, always feeling that the ports in protected mode had memory mappings, and so on. Then Yuan Ge asked me, "Did you read my article carefully?" I was stunned. Recently, because I had to print a monthly magazine, I had to carefully filter through many of my old documents, and only then did I realize that Yuan Ge's article gave me a new understanding. Later, when I was organizing several articles about buffer overflow in TT, especially the one about loadable kernel modules in Solaris, I felt even more ashamed.
In the past, it was said that you couldn't read without borrowing books, but now the articles are left on the hard drive without being read. In fact, this section already has many classic articles and has recommended many classic books, but how many have actually been read carefully? I have read W.Richard.Stevens' UNP seriously and added many annotations, but I wasn't as serious with APUE, although I did read half of Volume II seriously and wrote reading notes. I didn't read a single page of Volume III. I have read Douglas' Volume I and Volume III several times seriously, but only read Volume II intermittently. For many technical articles, if I get my hands on them, I become lazy and don't want to read them again, but I don't know how much resources I have wasted and how many resources I have overlooked. Is BBS really a place where you can learn something? Rain says it's not, and I say it's not either. But this place can broaden your horizons and give you guidance on the general direction, which is enough. I have always hoped that everyone can learn not just the technology itself from here, but also the learning methods and a kind of calmness that is no longer fanatical.
Many technologies will become outdated tomorrow. If you master the learning methods, you will have another chance. If you only master the technology itself, you will have no chance. Actually, I don't understand system security at all because I have always liked to read and write programs but never liked or had the ability to attack someone's host/site. What I can do here is provide a direction and a kind of preaching that allows your fanaticism to turn into calmness. If you haven't read "Windows NT Device Driver Development" or "Win9x System Programming", but want to write a Trojan horse to hide yourself, it's ridiculous. If you don't even read assembly language but insist on asking about the principles of exploit code, then I can't answer and don't want to answer you. Some people always ask for an explanation, saying that they asked a question but didn't get an answer. Not answering is already the correct way to handle it. At least I didn't reply to you, go read a book, right? At least I didn't disturb the layout and make you feel annoyed. If you have read the Unix man pages completely, you won't have any trouble with Unix. If you have read Microsoft's MSDN and Platform SDK documentation completely, you won't have any trouble imagining the difficulty of Win programming.
Still, that saying holds true. A programmer who reaches the level of W.Richard.Stevens, who can be specially commemorated by top hackers from around the world after his death but never attacked in his lifetime, think about it, what kind of realm is that? What kind of calmness is that? We can discuss technical issues extensively and have productive discussions, but we have no intention of repeating basic knowledge and resource information on the forum. I just posted a bunch of articles from isbase, and the homepage was mentioned at the beginning, but immediately someone asked where the homepage is. We just discussed how to modify the MAC address, and then someone immediately asks again. There are only three articles between them. Choosing silence is already an excellent display of patience for many friends. Many things can be inferred from one example. Vertex's LIDS, which is tracked and updated by Packet Storm every day, if you have read the three articles by THC, you will understand that understanding one means understanding a lot, all of which are tricks on kernel modules. How would you know if you don't read?
I don't want to get caught up in discussions of specific technical issues here. If you feel like you should do something, go and find it yourself. No one is putting on airs, and no one is born to do this. Ask yourself, have you done your best?