Re: best security books????

What type of security are you interested in? Security is a broad field.

Re: Re: best security books????

all books in all types .. i want to know what ppl are into =P
:D

Great Books

Hacking Exposed.
The Art of War.
Foders Las Vegas.
Dating for Dummies.


I'm set.

Books

If you're just looking to get into hacking books. Then I can suggest a few. To get you started. I've read about 80% of the security/hacking books out there. I could write about books for hours but I'll hold back and make this brief. I am assuming this is for someone new to the scene so take my suggestions as such.

I agree with ASTCell on Hacking Exposed. A lot of people talk shit on it. But it is good for beginners, and you should read it from cover to cover. DO NOT skip Footprinting and Enumeration. And all of the Hacking Exposed books are good, so check out HE: Linux and HE: Windows 2000 while you're at it.

Read TCP/IP Illustrated. Also read this one from cover to cover. It is quite possibly one of the best books I have ever read. You will understand networks 100 fold after reading this book. After you're done reading this, read Hacking Exposed again. Things will make more sense.

Know Your Enemy is about the honeynet project and is a really good read. If you know anything or want to know anything about honeynets or honeypots, pick this one up.

For Hacker Culture I could suggest a ton of books. But my personal favorite is Masters of Deception it's about the MOD back in the golden days of hacking. I think it really captures what hacking was like back then and what we all wish it was today, at least that's my opinion. Reads like a novel and is well worth the read. Also, of course, read The Cuckoo's Egg. Again, novel like read with a great story.

I have a large collection of hacker related material that I have collected over 12 years, especially before it got super mainstream. There are some serious classics to read... the ones being listed on this thread are great, don't forget the FORBIDDEN SECRETS OF THE LEGION OF DOOM HACKERS


http://www.loompanics.com/cgi-local/...0+-C+Computers

be careful though there are some books on that link that suck... the con usually has a lot of them, browse through them first.

Otherwise if you are more into the networking/programming side(which you should know how things work),
I would suggest for windows programming (no boos from the peanut gallery) to get the 'writing secure code', 'network programming for microsoft windows', tcp/ip black book', 'windows 2000 system programming' and such... :)

The Cuckoo's Egg, now that brings back memories. Cliff Stoll really knew his stuff, I am sorry that I lost touch with him.

I was always hoping a movie would come out.. would be neat if done correctly but we all know how that goes..

As texts go, Maximum Security Third Ed. wasn't bad... The Hackers Handbook gave some quick beginning pointers. I found the Hacker Ethic, written by Torvalds, Himanen, and Castells interesting reading, although not exactly along the lines of technical reading. HE 3rd Edition seems to do a pretty good round out job for all the above. TCP/IP Illustrated is god. I'm only a little into it so far...

Stoll

PBS did a documentary about it narrated and starring cliffy, but it doen't appear available except for some university libraries...

A fascinating tale of life on Internet, the international computer academic/educational/research network, that develops into a real spy story. Lots of explanations, but plenty of good technical stuff as Stoll does his detective work to find out who is breaking into his computers! (AND those of the U.S. military.) Hope College, GVSU, WMU, KVCC and most other colleges are connected to the Internet - in theory you could get a computer account and be a part of all this. PBS' Nova did an episode based on this story. Includes a great cookie recipe.

As to books...

Start here:
http://sun.soci.niu.edu/~rslade/mnbkscnt.htm

But especially check out:

Practical UNIX & Internet Security, 2nd Edition by Simson Garfinkel & Gene
Spafford
O'Reilly & Associates
ISBN: 1565921488

Hacking Exposed, 2nd Edition by Joel Scambray, Stuart McClure, George Kurtz
October 2000 $39.99
ISBN: 0072127481

The NCSA Guide to Enterprise Security: Protecting Information Assets
Michel E. Kabay, CISSP McGraw Hill Text (McGraw-Hill Computer Communications
Series)
April 1996 $50.00
ISBN: 0070331472

Information Warfare and Security Dorothy Denning
Addison-Wesley 1998 $34.95
ISBN: 0-201-43303-6

Re: As to books...

The third edition is even thicker, updated stuff for 802.11 etc etc Haven't read through it yet, but can only imagine they improved

This is a fun book in the vein of Hackers Exposed

Another fun Security Book to read:

Amazon.com: buying info: Hacker's Challenge : Test Your Incident Response Skills Using 20 Scenarios:
http://www.amazon.com/exec/obidos/AS...122669-6047262

Instead of a "here's info and read" this is a book of 20 case studies of security incidents with exhibits. It's a fun read to see if you can pick up on all the "clues" that the Security expert found.

Another good place for "real time" info is to sign up for the SANS newsletters - you can tailor it to cover whatever OS you have [Unix, Linux, MS] SANS Newsletter Subscription:
http://server2.sans.org/sansnews

And yo save a ton of money, shop at www.bookpool.com They have it all, really.

local bookstores especialy B&N have tons of books on the cheap if you watch you can get books for up to half off some times even cheaper (ususaly these are older/discontiuned/ first or second editions) but still good info for newbies also if you have a a local hastings keep an eye on their bargin books section i've found tons of useful books that they decide to quit carring and they throw the last one or two in the store onto the bargin shelf some times for as low as 2.49 (sometimes really good info and expensive editions including blackbooks and larger que manuals)