just starting out on this whole security thing, mostly web programming, and i think i already got hacked i keep getting a questioin if i want to change one of my system files to .htm (my guess is that they want to download it although still wouldnt make much sense). just a funny story i guess any way where to get started on the security, any suggestions? in a web programming direction prefer asp or php.
I would suggest reading through many white papers such as the one within our own Reading Room. It will require a (free) HP Passport account: https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201-200^14344_4000_100__
You would also do well to familiarize yourself with the OWASP and WASC organizations. They offer many useful resources and guides at their respective web sites.