Paul L. Snyder on 19 May 2012 20:01:42 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] I need a book recommendation

On Fri, 18 May 2012, wrote:

> Excellent! Thank you! I should specify that I want to get more
> knowledgable about general security stuff, not just Linux, but I
> would guess most the skills/knowledge is transferable.

Ross Anderson's _Security Engineering_ is excellent.  It's a great
introduction to thinking from a security perspective and covers a lot of
territory even beyond standard compsec topics.  The first edition is
available for free on his website, but do buy the second edition if you can
afford it (it's worth it).  I think this book might be the best fit
for what you say that you're looking for.

If you're interested in the mechanics of exploit development, Jon Erikson's
_Hacking: The Art of Exploitation_ is quite enjoyable with lots of
exercises and hands-on material.

Another nice book along the same line is _The Web Application Hacker's
Handbook: Discovering and Exploiting Security Flaws_, by Stuttard and
Pinto.  A second edition was released last year; this would be the one
to pick up given how active the web space has been since the first edition
was published in 2008 (particularly given the growth of cloud services).
I've seen recommendations for the online labs they sell as an accompaniment
to the book, but have not explored them myself.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --