Softpanorama

Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
May the source be with you, but remember the KISS principle ;-)
Bigger doesn't imply better. Bigger often is a sign of obesity, of lost control, of overcomplexity, of cancerous cells

Network Security books

News See Also Open Introductory Intro to Network Administration Advanced Reference
IDS Routing DNS Security Troubleshooting SMTP Microsoft
 TCP/IP
IBM Redbooks
NIS DHCP OSPF IP6 BGP4 CCNA Certification Etc

Note: IDS (mainly Snort-related) books are covered in a separate page.

For security books one should be especially beware about "lemming effect" reviews, when a lot of newcomers to the field praise a very weak book with an attractive title. The word "Hacking" is a real cash cow in the security book title.  I recommend you to be very skeptical about  any security book with this particular word in the title; real professionals are seldom so greedy, snake oil salesmen usually are  ;-)

Among semi-decent Unix security books I would like to mention  Linux System Security: The Administrator's Guide to Open Source Security Tools  by Scott Mann. Contrary to the title it's not a Linux specific book: it covers generic free Unix tools. Although tools themselves are covered rather superficially, this book can help understanding your tools needs and might be instrumental in installing and using of some of recommended tools.

A rare good book is Mastering Network Security by Chris Brenton.

So far a decent (but outdated) introductory book on Unix security is still Practical Unix and Internet Security. I am not big fun of this book, but still I would like to admit that it's a decent book. The major drawback is that it's not tools oriented and large part of it is quite outdated. See my review of the book. But the biggest advantage of this book is that it's available in HTML. I feel that it should be used with Linux System Security: The Administrator's Guide to Open Source Security Tools  -- a better and more modern book, but not introductory in nature.

For TCP/IP-related security in addition to Mastering Network Security you can find 50% discounted Actually Useful Internet Security Techniques Larry J. Hughes / Published 1995. It's not bad, but outdated... See my list of booksellers.

See also: Peter Gavlin Security book review the good the bad and...the worst - SunWorld - October 1998  -- preferences IMHO are questionable, though ;-)

Dr. Nikolai Bezroukov

 


Search Amazon by keywords:

 You can use Honor System to make a contribution, supporting this site

NEWS CONTENTS

News

Best Linux Security Books

Absolute OpenBSD & iptables... (Score:1)
by robw810 (819414) * <robw810@yahoo.UMLAUTcom minus punct> on Friday July 08, @11:29PM (#13018765) Regardless of whether you intend to actually use OpenBSD, I strongly recommend reading Absolute OpenBSD anyway - it's good reading for administering *any* UNIX-like server.

As the original poster stated, netfilter/iptables isn't the easiest thing to figure out, but it's not so bad once you get there. To help, I recommend reading Robert Zeigler's "Linux Firewalls" (second edition) - you can probably find it on Amazon.com for less than $20 (US).

Regardless of what you decide, good luck!

[Apr 5, 2005] Network Security Tools

by Nitesh Dhanjani, Justin Clarke

List Price: $34.95

Building Open Source Network Security Tools Components and Techniques

Table of Contents
Introduction.
Acknowledgments.
About the Author.
About the Contributor.
About the Technical Reviewer.
The Network Security Tool Paradigm.
The Libpcap Library.
The Libnet Library.
The Libnids Library.
The Libsf Library.
The Libdnet Library.
The OpenSSL Library.
Passive Reconnaissance Techniques.
Active Reconnaissance Techniques.
Attack and Penetration Techniques.
Defensive Techniques.
Tying it All Together: Firewalk.
References.

MIKE D. SCHIFFMAN is Director of Security Architecture for @stake, the premier provider of professional security consulting services. Previously, he was Mike Schiffman a.k.a. "route"/"daemon9" for years, since he was editor of Phrack magazine, director of research and development at Guardent, a leading provider of managed security services. He also held senior positions with ISS as well as Cambridge Technology Partners.

Schiffman has developed numerous security tools and is the author of Hacker's Challenge.

See also Slashdot Building Open Source Network Security Tools

Building Open Source Network Security Tools , just as the name suggests, is about how to build network security tools. This is a technical book, so you are going to have a little knowledge of C and your networking principles. This is definitely not a manager's book.

First the book describes some basic principles in developing security software. This is a quick primer in case you have never been involved in software development. Next the book goes on to describe several commonly used libraries like libnet and libpcap. For each library, the structures and functions are explained, then there is sample code. I have written programs using libpcap and libnet before, and I still learned something. There is even a section on OpenSSL programming. OpenSSL is a rather large and cryptic, no pun intended, library (in my experience anyways). This book sheds some light on it! These chapters are a great reference to have when making a new security tool.

The author then goes on to explain the several techniques like attack and penetration and active reconnaissance. Not only does the author tell you how they would in a technical sense, he provides code that does it, and explains each piece. This is very useful since most tools in the wild aren't very well commented ;) There is also a chapter on buffer overflows and format string vulnerabilities. These chapters are very well done and do a good job in explaining how they work and how to write code to use them. It may sound like this is an offensive hacker book, but it also gives examples on how to write defensive programs, like a port scan detection tool. At the end of the book the author ties it all together with a large program that utilizes many of the techniques mentioned in the book.

I found this book to be very refreshing. I had been waiting for a good security programming reference, and this is it. As a part of the Honeynet Project, I have seen a large number of compromises and tools, and one thing I've found is that in order to truly know who your enemy is, and how they operate, you need to know how their tools work. I wish this book had been released years ago when I first became interested in network security. It would have saved me from stumbling around old web pages and dead links. If you're an information security professional, this book is a must have for your library.

TCP/IP Network Administration, 3rd Edition

This complete, hands-on guide is essential for network administrators and invaluable for home Internet users.

The book starts with the fundamentals: what protocols do and how they work; how addresses and routing are used to move data through the network; and how to set up your network connection. It then covers, in detail, everything you need to know to exchange information via the Internet, including advanced routing protocols and configuring network services. The expanded third edition includes sections on Samba, Apache Web server, network security, and much more. Sample Chapter 9, Local Network Services, is available online.

Hardening Cisco Routers focuses exclusively on ways to secure Cisco routers, emphasizing practicality and a hands-on approach. Concise and to the point, Hardening Cisco Routers supplies you with all the tools necessary to turn a potential vulnerability into a strength. In an area that is otherwise poorly documented, this is the one book that will help you make your Cisco routers rock solid. Sample Chapter 10, NTP, is available online.

Open

**** [May 20, 1999] The Networking Cd Bookshelf : 6 Bestselling Books on Cd-Rom ~ Usually ships in 24 hours
Paul Albitz, Cricket Liu / Software / Published 1999
Amazon Price: $71.96 ~ You Save: $7.99 (10%)

Not that much updated in comparison with 1996 edition. The package includes a CD-ROM with the complete text and graphics of these books, formatted in HTML, readable with any web browser, and fully searchable and cross-referenced:

As a bonus, a hardcopy version of DNS and BIND, 3rd Edition is also included.

Introductory

*** Managing Cisco Network Security
by Florent Parent, Oliver Steudler, Jaques Allison
  • Paperback: 466 pages ; Dimensions (in inches): 1.12 x 9.20 x 7.42
  • Publisher: Syngress; 1st edition (October 30, 2000)
  • ISBN: 1928994172
  • In-Print Editions: e-book (Adobe Reader (PDF)) | All Editions
  • Average Customer Review: 3.75 out of 5 stars Based on 4 reviews. Write a review.
  • Amazon.com Sales Rank: 141,394
Not bad and can be bought cheeply ($10 or so).
2 out of 5 stars CONCEPTUAL GUIDE, January 5, 2001
Reviewer: suppo40 (see more about me) from Tampa, Florida USA

The Syngress publication "Managing Cisco Network Security" provides a decent collection of concepts pertaining to architecting secured information systems. However, I found the book lacking in examples of creative applications and substantially less comprehensive than documentation available on Cisco System's web site. In this respect, I was disappointed with the publication contents.

I would recommend the book to those seeking foundation knowledge in the art of network security while cautioning that expectations of specific Cisco guidance might be better satisfied through research of Cisco repositories.

**** Mastering Network Security
Chris Brenton / Paperback / Published 1998
Amazon price: $31.99 ~ You Save: $8.00 (20%)
Average Customer Review: *****
Table of Contents
Decent introductory book. It's interesting to know that Chris Brenton is not just "security professional" exiled to security because of inability to work in any other field :-) . It looks like this author does understand networking. He authored two networking books:
Mastering Cisco Routers
Chris Brenton / Hardcover / Published 2000
Amazon price: $37.49 ~ You Save: $12.50 (25%)
and
Multiprotocol Network Design and Troubleshooting
Chris Brenton / Hardcover / Published 1997
Amazon price: $34.99 ~ You Save: $15.00 (30%)
Here are some readers reviews from Amazon:
***** Excellent handling of the subject - a MUST read !!!
Reviewer: ajitmohanraj@vsnl.com from India July 11, 1999
What struck me in my reading experience of this book was the author's superb hold on the subject of security and the structured manner in which he approached this whole topic. The book was very hard to put down once I got going and in fact, it gave me a lot of insight into some day-to-day tasks that we take for granted at the office setup. His practical down-to-earth examples only served to highlight a concept he was putting across. It is a MUST read for anyone getting into the "security" arena and I liked the style of writing too - gave me a feeling that the author was addressing me on a one-on-one basis throughout.

I felt the chapter on IDS could have been dealt with on a much broader perspective rather than from a product perspective. We have used a lot many ideas from this book to structure our in-house security sessions.


Troubleshooting

**** Cisco Router Configuration & Troubleshooting (The Landmark Series)
by Mark Tripod.
Amazon Price:$27.99
Textbook Binding - 271 pages (January 1999)
New Riders Publishing; ISBN: 0735700249 ; Dimensions (in inches): 0.65 x 9.01 x 7.03
Amazon.com Sales Rank: 29,537
Avg. Customer Review: 4.5 out of 5 stars
Number of Reviews: 6
5 out of 5 stars Great examples. Well worth the price! April 22, 1999
Reviewer: mlholloway@yahoo.com from Las Vegas, NV
With the price of Cisco books, it's amazing I was able to find one this complete for less than $30!

I am a CCNA who is still fairly new to Cisco products, but not routing. I now work with Cisco products every day and I also have a home lab for the CCNP/CCIE - so this book is worth it's weight in GOLD to me.

The thing that impressed me the most is that it goes beyond simple Cisco 800/1600/2500 series router configuration examples and uses many of the high end router IOS commands - so no matter what you are configuring, whether it's a 2501 or a 7000; ISDN, FDDI, Ehternet, or Token Ring; SNMP,TFTP; RIP, BGP, or OSPF; or any of the other major Cisco "must know" items then you need this book.

As a CCNP/CCIE candidate AND a Network Administrator I really have an appreciation for the "Case Study" in the book. It *really* shows you what to expect in the real world environment of WANs. BTW, it makes a great CCIE Lab Scenario too!

Overall, I feel my money was very well spent. It has already paid for itself. It will be on my desk for a long, long time.

**+ Troubleshooting TCP/IP
by Mark A. Miller. Paperback (July 1999)
Amazon Price:$39.99
Paperback - 785 pages Third Edition edition (July 1999)
IDG Books Worldwide; ISBN: 0764570129 ; Dimensions (in inches): 2.01 x 8.96 x 6.98
Amazon.com Sales Rank: 148,274
Avg. Customer Review: 4 out of 5 stars
Number of Reviews: 2

In reality this book is about protocol traces. Half of first 500 pages is rehash of general concepts. Appendixes that consume almost 200 pages (from p .519) are completely useless. CD contain RFC and is not organized well. No other methods of troubleshooting are discussed. I do not see any significant changes since the second edition.

For example the author approach to troubleshooting internet connection in Ch.4 is not realistic and too complex. Book is poorly organized.

3 out of 5 stars could be much better January 4, 1999
Reviewer: yong@shell.com from Houston, TX
The author may be an expert but he's not a good writer. There's too much talk and too many "facts" you have to memorize. When it finally comes to interpreting sample network analysis reports, it's not nearly detailed enough. I thought the opposite before I bought the book. Secondly, as common to all books published by a cheap publisher, there're too many errors. Third, the CD contains RFQs, which you can get from the Internet. No programs. I wish I could get the sniffer program he used in the book. --This text refers to the Paperback edition.

2 of 2 people found the following review helpful:
5 out of 5 stars practical knowledge on reading packet traces November 14, 1998
Reviewer: A reader from San Jose, CA
Everyone seems to have lots of great reference books on network design and protocol specifications.

If you actually have to fix a network problem (or even harder, explain to a vendor that they need to fix a problem), your best bet is to show them a packet trace and say "there is the problem, and it's your fault!"

The only way to do this is to learn to read packet traces. Theory is not always useful in practice.

This book complements all any network library, and is a easy read for reasonably experienced network professionals. The structure of the book is simple. Each chapter provides a brief review of a concept, then several example problems. Each problem comes with a problem description, a packet trace, and a solution.

The ability to define a problem in this way is both cool and great for the resume.

TCP/IP Analysis and Troubleshooting
by Laura A Chappell. Spiral-bound
Amazon Price:$59.95
Spiral-bound - 160 pages (January 10, 2000)
podbooks.com; ISBN: 1893939014
Amazon.com Sales Rank: 87,668
Avg. Customer Review: 4 out of 5 stars
Number of Reviews: 1
Troubleshooting Windows 2000 Tcp/Ip
by Syngress Media, et al. Paperback (April 2000)
Amazon Price:$39.96
Novell's Guide to Troubleshooting Tcp/Ip
by Silvia Hagen, Stephanie Lewis. Paperback (September 1999)
Amazon Price:$47.99
**+ Internet and Tcp/Ip Network Security : Securing Protocols and Applications (J. Ranade Workstation Series) ~ Usually ships in 24 hours
Uday O. Pabrai, Vijay K. Gurbani / Paperback / Published 1996
High-Speed Networks : Tcp/Ip and Atm Design Principles (Stallings, William. William Stallings Books on Computer and Data Communications Technology.)
William Stallings / Hardcover / Published 1997
Ip Switching : Protocols and Architecture (McGraw-Hill Series on Computer Communications) ~ Usually ships in 24 hours
Christopher Y. Metz / Paperback / Published 1998
????? Hardening Cisco Routers
February 2002 (est.)
0-596-00166-5, Order Number: 1665
200 pages, $24.95 US (est.) $37.95 CA (est.)
????? Mastering Network Security ~ Usually ships in 24 hours
Chris Brenton / Paperback / Published 1998
Amazon price: $31.99 ~ You Save: $8.00 (20%)
Average Customer Review: *****
Table of Contents
Decent introductory book. It's interesting to know that Chris Brenton is not just "security professional" exiled to security because of inability to work in any other field :-) . It looks like this author does understand networking. He authored two networking books:
Mastering Cisco Routers
Chris Brenton / Hardcover / Published 2000
Amazon price: $37.49 ~ You Save: $12.50 (25%)
and
Multiprotocol Network Design and Troubleshooting
Chris Brenton / Hardcover / Published 1997
Amazon price: $34.99 ~ You Save: $15.00 (30%)
Here are some readers reviews from Amazon:
***** Excellent handling of the subject - a MUST read !!!
Reviewer: ajitmohanraj@vsnl.com from India July 11, 1999
What struck me in my reading experience of this book was the author's superb hold on the subject of security and the structured manner in which he approached this whole topic. The book was very hard to put down once I got going and in fact, it gave me a lot of insight into some day-to-day tasks that we take for granted at the office setup. His practical down-to-earth examples only served to highlight a concept he was putting across. It is a MUST read for anyone getting into the "security" arena and I liked the style of writing too - gave me a feeling that the author was addressing me on a one-on-one basis throughout.

I felt the chapter on IDS could have been dealt with on a much broader perspective rather than from a product perspective. We have used a lot many ideas from this book to structure our in-house security sessions.

***+ Internet Security : Professional Reference
Derek Atkins (Editor), et al / Paperback / Published 1997
Average or slightly above average...
**** Actually Useful Internet Security Techniques
Larry J. Hughes / Published 1995
+ Hacker Proof : The Ultimate Guide to Network Security
Lars Klander, Edward J. Renehan / Paperback / Published 1997
*+ Maximum Security : A Hacker's Guide to Protecting Your Internet Site and Network
Paperback / Published 1998

Junk. This is second edition of ghost-written (probably by the publisher staff writer ;-) book. This is an interesting marketing plot. The title almost guarantee big success ;-(. That's the case when you should not believe a single word in amazon.com reviews.

**+ Implementing Internet Security
Frederic J. Cooper

Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haterís Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright © 1996-2018 by Dr. Nikolai Bezroukov. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) in the author free time and without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: September 12, 2017