Re: [PLUG] I need a book recommendation

Paul L. Snyder on 19 May 2012 20:31:06 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] I need a book recommendation

From: "Paul L. Snyder" <plsnyder@drexel.edu>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] I need a book recommendation
Date: Sat, 19 May 2012 23:29:11 -0400
Mail-followup-to: plug@lists.phillylinux.org
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org
User-agent: Mutt/1.5.21 (2010-09-15)

On Sat, 19 May 2012, Paul L. Snyder wrote:

> On Fri, 18 May 2012, jazzman@exdomain.org wrote:
> 
> > Excellent! Thank you! I should specify that I want to get more
> > knowledgable about general security stuff, not just Linux, but I
> > would guess most the skills/knowledge is transferable.
>
> Ross Anderson's _Security Engineering_ is excellent.  It's a great
> introduction to thinking from a security perspective and covers a lot of
> territory even beyond standard compsec topics.  The first edition is
> available for free on his website, but do buy the second edition if you can
> afford it (it's worth it).  I think this book might be the best fit
> for what you say that you're looking for.
> 
>   http://www.cl.cam.ac.uk/~rja14/book.html
> 
> If you're interested in the mechanics of exploit development, Jon Erikson's
> _Hacking: The Art of Exploitation_ is quite enjoyable with lots of
> exercises and hands-on material.  
> 
>   http://nostarch.com/hacking2.htm
> 
> Another nice book along the same line is _The Web Application Hacker's
> Handbook: Discovering and Exploiting Security Flaws_, by Stuttard and
> Pinto.  A second edition was released last year; this would be the one
> to pick up given how active the web space has been since the first edition
> was published in 2008 (particularly given the growth of cloud services).
> I've seen recommendations for the online labs they sell as an accompaniment
> to the book, but have not explored them myself.
> 
>   http://mdsec.net/wahh/

One more thing to mention (though not a book) is to grab a nice
security-focused Linux distribution so you can play around with tools
you're reading about.  BackTrack is a nice DVD-bootable distro for this
purpose...load it up in a virtualization program, boot another image with
something to attack, and go to town.

  http://www.backtrack-linux.org/

Paul
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Bizarre proxy behavior after upgrading a partition from 11.10 to 12.04 LTS
  - From: "K.S. Bhaskar" <bhaskar@bhaskars.com>
- [PLUG] I need a book recommendation
  - From: jazzman@exdomain.org
- Re: [PLUG] I need a book recommendation
  - From: Julien Vehent <julien@linuxwall.info>
- Re: [PLUG] I need a book recommendation
  - From: jazzman@exdomain.org
- Re: [PLUG] I need a book recommendation
  - From: "Paul L. Snyder" <plsnyder@drexel.edu>

Prev by Date: Re: [PLUG] Can FOSS help school districts in trouble?
Next by Date: [PLUG] ride for PLUG West Meeting tonight
Previous by thread: Re: [PLUG] I need a book recommendation
Next by thread: Re: [PLUG] I need a book recommendation
Index(es):
- Date
- Thread