Michael Lazin on 8 Jun 2012 06:57:18 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] I need a book recommendation


I read this book when I was a teenager and it made me want to learn Unix.  I studied philosophy in college but taught myself Unix on the campus aix system at Carolina when I was a student there.  The funny thing is I didn't do anything with my philosophy degree but now I do Linux webserver security as a career.  Go figure.

On Jun 8, 2012 9:36 AM, "Jay Dobies" <jason.dobies@redhat.com> wrote:
On 06/08/2012 09:27 AM, Paul Walker wrote:
Found a copy of Cuckoo's Egg at the thrift store last week for a dollar.
A great read - reminds me of the old days.

You guys sold me on it too, I'm about half way through it. :)

Paul

On Mon, May 21, 2012 at 11:24 PM, <jazzman@exdomain.org
<mailto:jazzman@exdomain.org>> wrote:

   Well the upside for me is that beyond my own curiousity on the
   topic, my company is willing to fund me upping my knowledge in this
   area (and they've gone so far as to discuss sending me back to
   school for a degree with a focus on security of some sort). So I'm
   fairly certain my manager will approve expensing the book. I'll talk
   to him tomorrow and give him a list of a few of the books you guys
   have mentioned to me and I'm 99% sure he'll be ok with just having
   the company cover it.

   Thanks to all of you guys for the info and leads. It is greatly
   appreciated and hopefully I'll learn to enough to be able to
   contribute back to the group at some point.

   Thanks again
   Marc


   On Mon, 21 May 2012, JP Vossen wrote:

       I'm late to the party, but...

       +1 _The Cuckoo's Egg_

       +1 for Schneier but not _Cryptography Engineering_.  I'd favor
       _Practical Cryptography_ and _Secrets & Lies_ for this use case.

       Also, this *sounds* perfect, but there is a catch:

       http://it.slashdot.org/story/ 12/05/18/1321256/book-review-
       elementary-information- security
       <http://it.slashdot.org/story/12/05/18/1321256/book-review-elementary-information-security>
       Book Review: Elementary Information Security
       Section it Department read-all-about-it
       Filed under security
       Creator samzenpus

       benrothke writes "Elementary Information Security, based on its
       title, weight and page length, I assumed was filled with
       mindless screen shots of elementary information security topics,
       written with a large font, in order to jack up the page count.
       Such an approach is typical of far too many security books. With
       that, if there ever was a misnomer of title, Elementary
       Information Security is it."

       For anyone looking for a comprehensive information security
       reference guide - Elementary Information Security is it. While
       the title may say elementary, for the reader who spends the time
       and effort to complete the book, they will come out with a
       complete overview of every significant information security topic.

       The book is in fact a textbook meant to introduce the reader to
       the topic of information security. But it has enough content to
       be of value to everyone; security notices or experienced
       professional.

       Author Richard Smith notes that if you want to get a solid
       understanding of information security technology, you have to
       look closely at the underlying strengths and weakness of
       information technology itself, which requires a background in
       computer architecture, operating systems and computing networking.

       With that, Elementary Information Security is a tour de force
       that covers every information security topic, large and small.
       The book also provides a relevant overview of the peripheral
       topics that are embedded into information security.

       In 17 chapters covering over 800 pages, the book is well
       organized and progressively gets more complex.

       [... lots more, go read the post on /. ]

       The book is not meant as a For Dummies guide to the topic, and
       it assumes a college-level comprehension of relevant
       mathematical concepts. Note though that the requisite math is
       detailed in the sections on encryption and cryptography.

       The book is also the first textbook certified by the NSA to
       comply with the NSTISSI 4011 standard, which is the federal
       training standard for information security professionals. The
       author notes on his blog that in order to gain that
       certification, he had to map each topic required by the standard
       to the information as it appears in the textbook.

       Given the value of the book, (ISC) should consider using this
       title as a reference for their CISSP certification. With all of
       the CISSP preparation guides available, even the Official (ISC)2
       Guide to the CISSP CBK, one is hard pressed to find a
       comprehensive all-embracing security reference such as this.
       Some may even want to simply use this book as their definitive
       CISSP study guide.

       For those looking for a single encyclopedic reference on
       information security, they should look no further than
       Elementary Information Security. Richard Smith has written a
       magnum opus on the topic, which will be of value for years to come.

       --- End of excerpted book review ---

       Sounds perfect right?  I want one too.  The problem is, it's
       $130 new... Maybe you can find a library that has it?

       Later,
       JP
       ----------------------------|: ::======|---------------------
       ----------
       JP Vossen, CISSP            |:::======| http://bashcookbook.com/
       My Account, My Opinions     |=========| http://www.jpsdomain.org/
       ----------------------------|= ========|---------------------
       ----------
       "Microsoft Tax" = the additional hardware & yearly fees for the
       add-on
       software required to protect Windows from its own poorly
       designed and
       implemented self, while the overhead incidentally flattens
       Moore's Law.
       ______________________________ ______________________________
       _______________
       Philadelphia Linux Users Group         -- http://www.phillylinux.org
       Announcements - http://lists.phillylinux.org/
       mailman/listinfo/plug-announce
       <http://lists.phillylinux.org/mailman/listinfo/plug-announce>
       General Discussion  -- http://lists.phillylinux.org/
       mailman/listinfo/plug
       <http://lists.phillylinux.org/mailman/listinfo/plug>

   ______________________________ ______________________________
   _______________
   Philadelphia Linux Users Group         -- http://www.phillylinux.org
   Announcements - http://lists.phillylinux.org/
   mailman/listinfo/plug-announce
   <http://lists.phillylinux.org/mailman/listinfo/plug-announce>
   General Discussion  -- http://lists.phillylinux.org/
   mailman/listinfo/plug
   <http://lists.phillylinux.org/mailman/listinfo/plug>




___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


--
Jay Dobies
Freenode: jdob @ #pulp
http://pulpproject.org | http://blog.pulpproject.org
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug