Site Registration

You must register for the site before your progress can be tracked.

Click here to register: https://navy.hoppersroppers.org/login/signup.php?

Secure Yourself Now

You signed up for this course to improve yourself, to learn how to secure yourself online, and to help others. That's what this section is dedicated to. If you finish this section and don't do anything else, your participation in this course will be a success in my eyes. Maybe not in your chain of command's but that's a completely different story.

Of course, I would prefer you to continue in the course, but I'm glad you are here, and I hope you stick around.

You're working from home, off your personal computer, so first, congratulations on all the bandwidth. You are all security professionals, so I know I don't have to drive this point home too hard, but the computers that you defend and maintain at work are significantly more secure than the one you are accessing this course from. You know everything I am about to tell you, but I'm going to tell you it again.

Your first assignment is to start using a password manager. Read this https://www.howtogeek.com/141500/why-you-should-use-a-password-manager-and-how-to-get-started/ to learn about password managers, and then install one, I recommend https://lastpass.com/. There's plenty of other password managers out there, but I've been using this one forever and that is the only reason I recommend it. Convince your friends and family to use password managers. If you don't want to do this now, skip it, I make sure you do it later in the course.

Your second task, if you do not already have one installed, is to install an ad-blocking extension. Ad-blockers do what they say they do, making your web experience significantly better, but also block trackers and lessen the chance of getting malware laden ads. For Chrome, I recommend uBlock Origin: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en. I don't use Firefox, but it has an ad-blocker built in which makes it the best choice for the privacy and security conscious. I also recommend installing Chrome and ad-blockers (or Firefox) on as many computers of friends and family that you do tech support for. If you don't want to do this now, skip it, I make sure you do it later in the course.

I'd like to think you don't already have malware on your computer but if you are working off of a shared family computer, there's a decent chance if you haven't checked recently. First, ensure that Windows Defender is enabled. If it isn't, turn it on. After you've done that, turn on automatic updates and ensure your computer is completely updated. If it isn't, update now. Once again, do this on as many computers as you are responsible for. You do it at work, do it home. If you're not on Windows, good luck not downloading malware you 1337 hardo. You'll probably be fine.

I know this stuff is obvious, but it's easy to be complacent when we get home. We know what best practices are, so do them.

Computer Related Health

You probably spend a ton of time in front of a computer at work, but now that you're at home, your setup might not be what it was. If you're going to be working through this course, competing in our CTF, or binging Netflix, these are a few changes you can constantly put into practice that will make you a happier and healthier person.

Ergonomics

Read this: https://www.mayoclinic.org/healthy-lifestyle/adult-health/in-depth/office-ergonomics/art-20046169

Now fix your setup so that everything aligns properly. This is an investment. If you have a laptop, find a keyboard and mouse and set the laptop up on top of books to get it to the right height when you are sitting down. Try to avoid having a laptop on your lap, get it on a table and sit in a chair.

Blue Light and Brightness

Drop the brightness on your computer as far as you can. Just trust me.
Are you used to your eyes hurting after too long on the computer? This is mostly from the blue light. There's a ton of research you can read to prove it, or you can download this and it will change your life. https://justgetflux.com/
- Windows has this option by default now, so check for that before downloading flux.
It is also an option to get blue light filtering glasses, they should be pretty cheap (>$30). I swear by mine, but hey, whatever, it keeps my eyes from hurting when I am about to spend 12 hours scrolling packet captures.

General Wellness

Coronavirus

You are likely working from home right now and should be practicing social distancing
For a great unofficial guide, check out https://arstechnica.com/science/2020/03/dont-panic-the-comprehensive-ars-technica-guide-to-the-coronavirus/
For the official .gov website, visit: https://www.coronavirus.gov/

Hydrate Constantly

My life motto is "Stay Happy and Stay Hydrated", and it is inscribed in my class ring... so yeah, I take hydration seriously
You should be going to the bathroom every 2-4 hours
Caffeine, and especially drinks like coffee and energy drinks dehydrate you

Sleep

Everyone loves bragging about being a hardo and sleeping four hours a night for months on end... guess what? It's not just stupid, it's actively hurting you in a variety of ways * https://www.nhlbi.nih.gov/health-topics/sleep-deprivation-and-deficiency

Nutrition

I'm not going to make you read anything, just don't eat cheetos and hot pockets and drink Monsters as your only sustenance for the day. Order in some Chinese or Thai. Not every delivery meal has to be pizza.
Cook your own food every once in a while. Instant ramen doesn't count. Cooking is fun as hell. Do it.

Fitness

Not going to beat this one to death. Getting your heart rate elevated for a few minutes a day is good for you, full stop. Do it.
Even if the PRT is cancelled you should still work out.
Looking for great resource for this, please recommend one if you have it.

Neurodiversity

Hackers are known for our neurodiversity, and our brains let us do amazing things, but sometimes they work in ways that don't always make the most sense to us and the people around us. Here are some resources to help understand what you or other people experience every day.
https://www.nimh.nih.gov/health/topics/autism-spectrum-disorders-asd/index.shtml
https://www.helpguide.org/articles/add-adhd/adhd-attention-deficit-disorder-in-adults.htm
If you have questions about medication, talk to your command's doc to get a referral to Mental Health. It's a process but it's worth it.

Mental Health

The more you know about these concerns and their symptoms, the better you can understand them. Additionally, everyone needs more general suicide prevention and depression training. It's not fun, but it is worth having all the resources you can. Read all of these. Help yourself or help your friends.
https://www.nimh.nih.gov/health/topics/depression/index.shtml
https://www.nimh.nih.gov/health/topics/suicide-prevention/index.shtml

There is a group named the Mental Health Hackers who are pretty cool and worth a look https://twitter.com/hackershealth.

Questions

Alright, you probably didn't expect this line of questioning in this course, and yet, here we are. Serious business time, three quick questions.

Have you wished you were dead or wished you could go to sleep and not wake up?
Have you actually had any thoughts about killing yourself? If so, have you thought about how you might do this?
In the past three months, have you done anything, started to do anything, or prepared to do anything to end your life?

If you answered yes to any of these questions, visit https://suicidepreventionlifeline.org/ or call 1-800-273-8255.

If you don't want to talk to a stranger, my name is Dennis, text or call me at 914-299-7537, email me, or message me on here. As an important note, I am not in your chain of command, so my interpretation is that I am not required to report any conversations I have. If anyone disagrees, let me know.

It's okay to not be okay, talk to someone.

Why?

You thought you were here to learn how to get better at computers so what is all this?

Well, hopefully your end goal of all this is that you become a better person and have a better life. If you want to be good at computers just for the sake of being good at computers that counts for something too, but to me, all this technology is just a way for me to accomplish more than I could by myself.

If you're going to be doing anything in this world, might as well take care of yourself first. Learning security comes far after you and your well-being.

Now, on to the show!

Letter from the Author

Dedication

This training is dedicated to the memories of Aaron Swartz, Bassel Khartabil and those named on the National Cryptologic Memorial.

Letter from the Author

After a decade of teaching myself how to use computers and a few years training others, I went and made the site that I wish had existed when I got into the field back in middle school.

Security is the shield of the modern world, and we need good people on the wall. Thanks for being up there.

Hack the planet

-Dennis

Why Security?

Computer security is the shield of the modern age. Without the constant battle on the frontlines between the people who want to see technology used for good and the people who want to use it for their own gain, or worse, to limit the rights and freedoms of others, the progress that occurs in the real world because of technology would be dramatically slowed. Security allows trust in technology, which leads to adoption, which leads to progress in one direction, or another. The more people able to help out with that fight, the faster we can move as a society, and less things will get broken and less people will be hurt on the way. That?s why this site exists, and hopefully, if you?re here for the right reasons, you?ll be able to jump into the fight with the tools you need to succeed.

This course is designed to give you the mindset and fundamental skills necessary to be successful in the information security field. If you already have some experience - great! But we do not to assume any prior knowledge of security or even information technology in general. At the end of this, you may not be a guru (hint: nobody knows everything), but you should have the mental models and base knowledge to use the Linux operating system, install new programs, and be equipped to find and understand the information you need to learn even more.

While I have tried to do everything in my ability to make this course self-guided, there are hundreds of places where a questioning attitude will identify clear shortfalls in the content. Some of these are intentional, most of them are not. Your questions and feedback will guide the development of this course so that it can become the best resource possible.

Surrounding this site is a community to help you and provide guidance as you move along. This community grows with each student who signs up, and our mentors will be there every step of the way to answer questions, explain difficult concepts, and talk about just about anything to help you along the way. Make sure to take full advantage of the many ways we provide to message other mentors so that we can all be part of this together.

Hopper's ...

We named out team after Grace Hopper because she is our favorite person in Navy computing history. You probably know who she is.

Have you ever heard the quote, ?It's easier to ask forgiveness than it is to get permission.?? That was her.

This quote comes from an interview in the July 1986 CHIP?s Ahoy Magazine, the Department of the Navy?s Information Technology Magazine. She was at the cutting edge then and it is a testament to her vision how well this interview stands up to the test of time. Her passion for knowledge and innovation is the most important thing you can carry with you.

Read this: http://www.doncio.navy.mil/chips/ArticleDetails.aspx?id=3563

... ROPpers

While there was a chance you knew what Hopper's meant, it is very unlikely that you have had any idea what Roppers meant, mostly because it is a word we made up to define a group of people who ROP. And if you have never heard of ROP, or Return Oriented Programming before, and.... that is not just okay, that is expected, because why on earth would you have known about an obscure programming topic before this exact moment in time. To quote Wikipedia, "Return-oriented programming (ROP) is a computer security exploit technique that allows an attacker to execute code in the presence of security defenses such as non-executable memory (W xor X technique) and code signing by chaining together carefully chosen machine instruction sequences to get control of the stack..."

Don't worry; none of that should have meant anything to you. That would have made zero sense to me when I was sitting where you are sitting. Two years into my journey, I would have understood about half of it. Now at least I know what all the words mean, but I rely on friends who know more than me if I have questions.

While many other sites that attempt to teach this material assume you already know a great deal of knowledge, we take a different approach to make this challenging subject as approachable as possible. For all of the great resources out there, and all of the incredible pieces of training, nothing walks a complete beginner all the way through the process of developing a strong foundation in the fundamentals. Everyone wants to learn how to do stuff, but very quickly they realize that there is no way for them to learn everything. They?re not wrong, the vast and constantly expanding body of knowledge about this field makes it impossible for anyone to keep up. But what is most important for the beginner to realize is that with the proper knowledge of the fundamentals and a firm grasp on the hacker mentality, that irrepressible drive to learn and to do, nothing is too complex for them to learn if they put the time in. By managing your high expectations of yourself, providing constant feedback on your progress, and bringing you into the community, this is designed to minimize dropout rate while providing the best first hundred hours of a cyber security education possible.

Core Tenets

This site is designed around a series of ideas that we think will make your experience as a learner as good as possible.

No initial expectation of knowledge
Everyone moves at their own pace
Understanding foundational theory comes before building technical skills
Developing fundamental technical skills lays the groundwork for success in any topic
Knowledge must be actionable
The measure of a community is how they treat those who are trying to gain entry
There is no such thing as being done learning

Anytime something on this site doesn't seem to be matching up with our core tenets, let us know so I can fix it. We made as many possible mechanisms for you to help us improve our approach, the content, and the community of this site as possible. This site is a living entity and will change on a regular basis so that we can improve your experience.

So What is ROP?

All you need to know right now is that ROP is an advanced exploitation technique which beats advanced defenses by chaining together code which was already in a program. That definition is good enough for now, but if you stick around with us, soon enough you will know what it means and eventually you will be writing ROP chains of your own. The critical bit to understand is that you take snippets of existing code, chain it back together in a new order, and then use those to jump to where you need to go next. As you go through this course you will do the same thing, rearranging already learned information and skills to jump to new locations.

Nothing in this course is spoonfed, and while we try to give you good resources, there are multiple parts in the course where we tell you to swing by yourself and go find out how to do something. We do this when we know there are plenty of other high quality resources out there for you to learn from and we want you to become comfortable being given no direction other than a couple searchterms and having to rely on your own knowledge and problem solving skills.

Content

This curriculum was created based on inputs from members of the Boat School's Cyber Security Team and various guides scattered throughout the internet on how to break into information security. We put this curriculum together by aggregating all of the guides and tutorials we could find, took what we thought was important and added our own commentary. To say that this is built on the backs of a hundred other people's work would be an understatement, and we am forever grateful that we are part of a community which has created so many amazing resources. All attempts to cite source material have been made, if there is anything we have not properly attributed, let us know. Despite having been in the works for the last four years, this is the first iteration of the curriculum and it should change drastically as we see what does and doesn't work, and the only way we will know is feedback.

Legal

Community Guidelines

Our community guidelines are available here: https://www.hoppersroppers.org/guidelines.html. Please read them over.

Legal Stuff

Unsurprisingly, in this course you will learn some things that could be used to do bad things. You might not think they're bad things at the time, and they might seem like funny pranks, but the laws against hacking are very vague. Even more importantly, you probably have a security clearance, and having a pile of felonies you have to admit to is not a great look and will complicate your paperwork.

In the US, the law that surrounds this stuff is the Computer Fraud and Abuse Act.

Basically, all you need to know is that every computer is a protected computer and that it is a crime to intentionally access a computer or account without authorization or to exceed authorized access.

Exceed authorized access is a real sticky subject, and it has led to a bunch of unfortunate prosecutions.

To stay on the safe side, only access computers you own, or have written consent to access. You're lucky, because we have an entire network of training computers you can do whatever you want on. A lot of people don't, and that's where they get in trouble while trying to learn.

It should also be mentioned that copyright law is also a good way to get in trouble, not to mention that if you see software to pirate on the internet, it is very unlikely that it doesn't contain malware. Just don't steal things, we can almost always get a copy of whatever you want, it just might take some paperwork and some emails.

Classification

Absolutely nothing here is classified, in any way, whatsoever. Nothing is derived from classified information.

Join Us

Slack

Instant group messaging has been a cultural staple of the internet community since its inception, as it is truly one of the most important functions that global interconnectedness can serve.

Slack has become the messaging platform of choice, allowing group collaboration and real time chat along with various plug-ins and file hosting integration. We use it for many of feedback, support, as a forum, and as our primary instant messaging channel. At some point we might migrate to a self-hosted server, but for now, Slack is the easiest to work with.

Join our channel at https://launchpass.com/hoppersroppers and post a hello!

If this is not working for you, it is because you have an ad-blocker installed. If you do, whitelist the site or open it in Incognito mode and enter your email. We'll learn all about ad-blockers and why that broke the site for you later. If you continue having problems, message us here or email us.

Choose a nickname, or what we call online, a "handle" for yourself. Don't worry about it too much, you will come up with something good eventually, and you are not stuck with whatever you start with. As a general rule, don't call yourself something like "Dark Shadow". Unless you want to. In that case, do that. I probably had a dozen or so before settling on my current one, 'deevnull'. I liked mine because it is a nerd joke (that will be explained about halfway through this course) and incorporates my last name. Send me a message with a brief introduction to let me know you joined. We use Slack for just about everything from helping on problems, submitting feedback, or just talking about random things.

Twitter

Unsurprisingly, information security Twitter is a very exciting place. In the modern age, where information flows at the speed of light, Twitter is the place to be if you want to stay informed and on the cutting edge. It is an overwhelming amount of information, so you want to start off following only a few accounts. It is going to be a lot for you right now to actually try to read and understand the firehose, so we will start you slow and with a small number of beginner-friendly follows that really only post news. If you don't want to do Twitter yet, just skip it.

Optional:

Create a "professional" twitter account! Remember, this twitter will be able to be associated with you, even if you want to stay pseudo-anonymous. Always keep it fun and professional. Now subscribe to this list, or just follow them: https://twitter.com/deevnull/lists/cst. This list has been curated to only include must follows with a range of jobs that will provide insight into what is happening around the field.

Follow @HoppersRoppers on twitter so we can follow you. Again, if you don't want to do Twitter yet, just skip it. It is mostly just a giant waste of time, but it is interesting and you learn a ton.

The Team

The 'Competitive' Team

This site is designed for getting you up to speed so you can confidently compete in security competitions. What this site is not is a series of competition problems for you to solve, which while seemingly the obvious way to teach this, winds up discouraging learners early by really kicking the crap out of them. We teach the basics, and the next course will be where you find yourself facing down challenges. Luckily, that is way easier of a course to make, because I just borrow them from old competitions. This course is to prepare you, not to get you experience in competition. It's a different approach philosophically, but it will pay off.

When you sign up for this site, you automatically become a member of our not-at-all competitive team, which also happens to be named Hopper's Roppers. This whole site is grown out of the training I made for my college security team who competed in various cyber security competitions. Now, Hopper's Roppers is a distributed team, open to anyone, but is especially meant to be a place for beginners to learn the ropes in and we will participate in any event we have the numbers for. You will not be ready to compete while you are still working your way through this course... the good news, is you don't need to be ready to compete to do it. All you have to do is sign up, know your brain is going to hurt and you probably won't understand anything, and be ready to learn.

The primary type of security competitions are CTFs, or Capture the Flags. This is a great resource to learn about CTFs. https://ctfd.io/whats-a-ctf/. All of the training here is built around the idea of preparing you for success in the security field, and there is no better measure of ability, grit, and the hacker mentality than playing in a competition. Every CTF requires you to use what you already know to identify what you will need to learn on the spot to solve the problem. As you are now a member of our team, we will let you know when competitions are occuring and we hope to see you there if you have the time. Even if you are new and don't think you have anything to contribute, you will learn more picking someone's brain as you shoulder-surf them (or watch them on Twitch) than you possibly could trying to learn by yourself.

This Stuff is Hard (Hidden)

Doing cool things with computers is hard (have I said that before), and yes there is an aspect that requires technical knowledge, but mostly, it just takes time. Doing cool things with computers is less of a technical challenge and more of an attitude and a willingness to work hard and teach yourself what you need to know in order to succeed in whatever you are trying to do. Our curriculum here is meant to give you the basic tools you will need to understand the challenges you face, but solving them is going to be on you. We'll be honest, this isn't easy. This isn't something that will take you a month or two to get the hang of. One of the primary curses of doing cool shit with computers is that each time you learn something, you immediately realize a new pile of things that you do not know. There's nothing wrong with not knowing things, and no one could ever expect you to. Even "experts" will only know a small slice of the greater field that is doing cool things with computers. Expecting anyone to be good at everything is ridiculous, but it is even more ridiculous for anyone to think a beginner should know everything... or really, anything. There's a lot of acronyms, slang, in-jokes, and domain specific knowledge. One of the promises we will make to you is that we will not ever put in an acronym, slang, or in-joke without explaining it.

If you can stick with and complete this course, you will be armed with the baseline knowledge and attitude you need to be able to learn anything. Probably the most important skill you will learn is how to use all of your resources effectively, whether that is your classmates, teachers, reference pages, or Google. Mostly, Google. It will take a year or two before you get comfortable and stop feeling totally lost every day, but then you'll just start working on harder problems and you'll wind up more confused than you could imagine being now. Being good at computering is a long term process of reinforcing and building on the basic knowledge we will teach you in this course, and it will never end until you decide the computers have won. Don't let the computers win, and keep learning everything you can.

Hacker Attitude

Read this: http://www.catb.org/~esr/faqs/hacker-howto.html#what_is

It isn't perfect, but it will do for now until I write a new one.?The biggest problem with this is that the author, while once a famous hacker and important member of the open source movement, is a total asshole. None of the content is bad, but we are in the process of trying to write something to replace all of his content in this curriculum.

While there is a lot in there that is very interesting, the most important part is the hacker attitude.

The world is full of fascinating problems waiting to be solved.
No problem should ever have to be solved twice.
Boredom and drudgery are evil.
Freedom is good.
Attitude is no substitute for competence.

These 5 statements provide a reasonable framework for how you should approach learning this material. It should be fun, we shouldn't be wasting your time, there should be multiple ways for you to succeed, and we are measuring success by your ability at the end.

Hacker Ethic

From the same site as the Hacker How-To comes this brief description of the hacker ethic. Again, I am in the process of writing something else, but for now this is good enough.?

Read it: http://www.catb.org/jargon/html/H/hacker-ethic.html

It breaks the hacker ethic into two main beliefs that complement one another:?

The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source code and facilitating access to information and to computing resources wherever possible.
The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality.

A longer version of the hacker ethic comes from the famous book Hackers: Heroes of the Computer Revolution that you probably should read someday, but there is no rush. I haven't read the whole thing yet. ?

The Wikipedia article is pretty good so read it:?https://en.wikipedia.org/wiki/Hacker_ethic

They come out to six key beliefs:

Access to computers?and anything which might teach you something about the way the world works?should be unlimited and total. Always yield to the Hands-On Imperative!
All information should be free (Often a topic of debate, he means free as in speech, rather than free as in beer)?
?Mistrust authority?promote decentralization
?Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
You can create art and beauty on a computer. The concept of "hack value" is doing something that is worth doing because of the "playful cleverness" required.?
?Computers can change your life for the better

RTFM

One of the key parts of this mindset is sharing knowledge with others. A great quote on the subject is 'There is?nothing noble?in?being superior?to your fellow man; true nobility is?being superior?to your former self.' ?Not to mention, the more you give back to the community, the greater the value you provide. If you're just starting off, you might not think you have anything to provide, but in fact, you're looking at the world with a different perspective than someone who has done it for years. For example, you can provide feedback on when training makes no sense or isn't as effective as it could be, and help make it easier for the next person to go through it. This site is a work in progress and the more feedback we receive the better it will be. ?

With that said, you're definitely going to have questions. There are nearly infinite resources out there, and it is rare that you wind up doing something no one has ever done before. If you think you are there, message someone or make a post in the forum so we can all look for resources, and congratulations. Before that you have google and people here to help you, and we will always try to help in any way that we can. One of the worst things about hacker culture is this idea that someone should ?Read the F-ing Manual? or ?RTFM?. The first recorded use of this was in a user manual for some program in 1979, so it goes way back. On first glance, RTFM is a great response for any question that should have been answered by a casual glance at the manual. The problem with this idea is that a large body of knowledge is usually required to understand the manual, and even before that, you need to know the manual exists. If you are taking this course, there is no possible way you can be expected to understand a manual because you are just getting started.

Man-Pages

The most common "manual" you will come across in this course and your travels through hackerdom are the man-pages that accompany every single aspect of the Unix operating system, and they are a great resource for people who have spent years learning how to understand them. Right now, you don?t have the knowledge to be expected to understand how they work, and that is fine. There is no pressure to know anything, but there is pressure to learn.?

The comic web site Xkcd is a nerd cultural treasure and you will see it referenced constantly. Read this comic

Alt-Text

You might be thinking to yourself... what is alt-text? Funny you ask that. Depending on your current browser, figure out how to view the web page's source code for https://xkcd.com/1692/. This might require some Googling. What you are looking at is hypertext markup language or HTML for short. HTML is the language that websites are made of. (If you already knew that, good for you, I promise that the rest of the course gets significantly more in depth.) You will learn more later, but for now, look at the code and find where the main picture is stored in the webpage. Now do you understand what alt-text means?

In Defense of RTFM

RTFM gets a bad rap for good reason, because it is usually used as a put down on someone who doesn't know much about a subject... with that said, once you have the knowledge to understand a topic, if you are using that software, you should read the manual. Even if you don't understand the manual, if you are going to ask a question, you might as well reference that you know the manual exists and that what you are asking is referenced, you just need clarification. If you ask questions effectively you will find you understand your initial question and the topic much better than if you had someone explain the answer to just your specific question.

Google

There are very very few questions you are going to ask that Google can't answer. But for right now, you probably don't even know what you should be googling for. Luckily, you have people here who can help you. One of the best questions you can ask people for is for search terms on a subject. That way they don't have to spend time explaining it, and you get all the benefits of doing the research yourself. You might already know some cool google tricks to get better results, but don't worry... we will teach you all of them until you are wise in the ways of Google Fu.

Questions

We expect you to be constantly coming across words, phrases, and entire concepts that you have never seen before and are totally lost in. When you have to get things done, you'll have to learn more about it and one of the best ways to get those holes in your knowledge filled is to ask questions.

Here are some guidelines for asking questions.

There is no such thing as a bad question, especially on this site
Write up your problem with as much information as possible
Describe your problem's symptoms in chronological order
Describe the goal, not the step you are on
Follow up with a brief note on the solution

You can private message us, post on the forum, throw it on Slack, whatever. No one here will ever get annoyed, because there is really no such thing as a bad question, just one you haven't researched enough.?Even if your question isn't related to our courses, we are happy to help.

If you're in person, just ask. It's faster than Googling and you'll get more out of it.?

We already told you what RTFM stood for, so now we're gonna have you do it.?

Visit this man-page and write down the first three things you don?t understand.?(I don't expect you to make it past the Name, "bash - GNU Bourne-Again SHell", there is so much to unpack in just that).

Then Google one of them and figure out what it is. Submit a sentence or two explaining the thing you didn?t know.??For the love of everything, don?t read any further once you are done with that. Remember Rule 3 of the Hacker Attitude, ?Boredom and Drudgery are evil.? If you're not getting anything out of something at any point in this course, don't do it, and leave us feedback that we are wasting your time. We mean that. You won't hurt our feelings.

Learning

Read this, it is a wonderful intro to the psychology of learning and where you are as a student https://azeria-labs.com/the-process-of-mastering-a-skill/.

We all want to better at learning... but how do we do that?

Relevant Comic: https://xkcd.com/1053/

The most important thing to realize while you are on this journey is that you will never know everything, because nobody knows everything. All you can do is keep working at things and eventually, you will start understanding more because you have a strong foundation to build on. We are here to help you build that foundation.

Brainwashing and Learning

Brainwashing

As we said before, hacking is a mindset, not a skillset. Sure you'll pick up plenty of useful skills along the way, but the primary benefit of the hacker mentality is being able to look at the world, see a problem you've never approached before, and figure out how to solve it. We are trying to cultivate that mindset, and yes, we are going to try to subtly brainwash you. We're not sorry about it. Genuine interest and drive are the two best indicators of success in this field, and we want to encourage it as much as we possibly can. How do we teach that? How do we measure that? We don't know. If we were pretentious losers we might say we're trying to hack your brain into becoming a hacker. But we're not. So lets call it brainwashing. Are you okay with being brainwashed?*

Note: This probably is not legally binding.

Continuous Learning

Learning this stuff isn't easy. The content is difficult, the scope of what there is to learn is tremendous, and the rate of innovation and change in this space makes keeping up seemingly impossible. If you are thinking right now that you'll never learn everything; you're right! There is an infinite amount to learn, so choose the stuff that interests you and learn that. This course is intended to give you a general base of knowledge so that you can succeed with anything you do, but if you want to be great you have to love what you're doing and keep getting after it. For the rest of your time computering, maintain a series of lists. I recommend a Google Sheets file with a bunch of tabs. These are just a few I recommend, I'm sure you'll make more.

Questions you don't know the search terms for
Questions that google can't answer
Things you want to learn how to do
Things you want to learn more about
Things you want to make or help make
Things you want to tell other people about or write about
Potential future reading material
Links to things you want to remember

We will do our absolute best to help you keep these lists short. There will be section in the Slack for random questions, from ELI5 style to "Make me a tutorial", or you can always just private message it.

Goals

"Complete this course, as defined as finishing all the content that applies to me, before____________"

With most of the goal already defined for you, what you need to focus on is the timeline you want to set for yourself.

Answer these questions:

How much time a week do you want to spend working on this?
How much time a week do you think you will actually have to work on this?
When will you complete this course?

Submit your answers to these questions.

Virtualization

Building Your Own Lab

Introduction

Building your own home lab is important for a lot of reasons, but most importantly it is fun and teaches you a bunch of valuable information. In this section we will do some work securing our daily lives and install a virtual machine for us to work on. What you will be making is uniquely yours and will be something that you will work on and refine for the rest of your time doing the computers. This is your new workbench/hangout spot, so take pride in what you are making and make it yours.

Virtualization

Why do we use virtualization?

Read https://www.redhat.com/en/topics/virtualization

Write up a few sentences on the primary benefits of running a virtualized environment inside of your Windows machine.

Install VMWare

Install free virtualization software to run your virtual machine in!

I recommend VMWare player, as that has been what I have always used, however there are many alternatives, primarily VirtualBox and QEMU.

NOTE: If you already have one of these two installed, use them if you don't want to download an extra program to your computer. It will slightly change your experience, but everything that happens inside the VM will remain the same so it will not hurt your ability to learn.

https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html

This should be very straightforward. When you are complete, submit a screenshot of VMWare (or whatever you decided to use). Use the Microsoft 'Snip' tool to forever change your screenshot game. Just type "Snip" into the search bar and it will appear.

Install Ubuntu

Install the Linux operating system Ubuntu using your virtualization software of choice! If you already have a VM with a Linux image on it, you don't need to download a new one just for this course. It will not change any aspect of your experience and there is no need to waste time or space.

An image is what we refer to an Operating System when packaged into a format that can be run off of a disc, usually having a .iso extension. We can download .iso's and boot off of the disc, but it's generally easier to use a VM.

https://www.ubuntu.com/download/desktop

I could give you more information on what to do for this, but there are a ton of tutorials and youtube videos out there. Should be an easy google, and the information doesn't change too much. Let us know if you have any problems, but I recommend going step by step through a tutorial. This is your first challenge that we are telling you to figure it out yourself.

Source: https://www.instagram.com/thesquarecomics/

We always try to link to the source of things, even dank memes. It's a weird thing to care about, but the internet makes it so easy to repost images without any way of crediting the author, and they're producing content so might as well throw them a follow.

When you're done, submit a screenshot of you running the Linux VM.

Install VMWare Tools

Your VM might have automatically done this for you, or perhaps your guide had you did this. If not, you need to install VMWare Tools for Ubuntu. If you are not using VMWare, skip this.

You need this for a lot of critical usability things, and it doesn't come pre-installed. You have most likely already seen prompts telling you to do this. Do it. I'll be honest, this can be kinda difficult sometimes, but you gotta figure your own way through this. Again, if you have any trouble, and this takes more than a half hour to figure out, call someone over or message us and we will help you out. There is no shame, I've had VMs before that I gave up trying to install VMWare tools and just sucked it up for a week. You'll be on this VM for a while, so you need to get it installed.

When complete, submit a screenshot that shows VMWaretools installed.

Ubuntu

Using the fantastic site LinuxJourney to learn about Linux history.

Then read, from the same section, Lessons 2 and 5. https://linuxjourney.com/lesson/linux-history

From Linux came Ubuntu, the most common of all Linux operating systems. Read about the OS. https://ubuntu.com/about

Now that this is yours,i it is time to personalize it.

Recommended Tasks:

Change Wallpaper
Install Google Chrome
Install Unity Tweak Tool and do something interesting
Install VLC Media Player
Install GIMP and make me a meme. Post your meme in the Slack.

Linux Journey Command Line

Linux Journey is an amazing site that has the best guides on how to use Linux out there. Complete the class located at this link and submit a screenshot of the completion confirmation when you are done.

When working through all of these classes, do all actions listed on the page in your own browser and play around to see how they work. https://linuxjourney.com

Linux Journey Text-Fu