Preparation
Participants at the Security Summer School are required to have good operating systems knowledge, abilities of working with the Linux command line, good C programming skills, fair Python programming skills and fair assembly programming knowledge.
If you lack some of these or feel that you are a bit rusty, please take the time and follow these resources to prepare. These are useful both for preparing for the interviews and for kicking off the SSS sessions.
- programming-centric labs from the Assembly Language class: work labs #6, #8, #9, #10, #11
- process/memory lectures from the Operating Systems class: read and do the demos for lecture #3, #5, #6 and #7
- introductory labs for the Computer and Network security class: work the 1st and 2nd labs
Concepts you should be aware of: process, virtual memory, virtual address space, page fault, buffer, buffer overflow, return address, stack, stack frame, call
, ret
, stack pointer, frame pointer, memory allocation, compiling, assembling, linking, disassembling, heap, function, calling convention, kernel space/mode, user space/mode, system call, register, bus
Tools and commands you should know: gcc, make, vim, Bash, VirtualBox, objdump, strace, GDB, lsof, pmap, ps, ls, find, hexdump
Gimme More
Not required, but if you are fond of knowing more before or during the Security Summer School, we recommend you visit the challenge/wargame sites below:
- Overthewire: start with the lower levels and then move on
- IO Netgarage: this is the classical exploit-centric wargame site; it may be difficult for beginners
- Hack This Site: a bit of everything, all tastes and colors