| Michael Lazin on 8 Jun 2012 06:57:18 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] I need a book recommendation |
I read this book when I was a teenager and it made me want to learn Unix. I studied philosophy in college but taught myself Unix on the campus aix system at Carolina when I was a student there. The funny thing is I didn't do anything with my philosophy degree but now I do Linux webserver security as a career. Go figure.
On 06/08/2012 09:27 AM, Paul Walker wrote:
Found a copy of Cuckoo's Egg at the thrift store last week for a dollar.
A great read - reminds me of the old days.
You guys sold me on it too, I'm about half way through it. :)
Paul
On Mon, May 21, 2012 at 11:24 PM, <jazzman@exdomain.org
<mailto:jazzman@exdomain.org>> wrote:
Well the upside for me is that beyond my own curiousity on the
topic, my company is willing to fund me upping my knowledge in this
area (and they've gone so far as to discuss sending me back to
school for a degree with a focus on security of some sort). So I'm
fairly certain my manager will approve expensing the book. I'll talk
to him tomorrow and give him a list of a few of the books you guys
have mentioned to me and I'm 99% sure he'll be ok with just having
the company cover it.
Thanks to all of you guys for the info and leads. It is greatly
appreciated and hopefully I'll learn to enough to be able to
contribute back to the group at some point.
Thanks again
Marc
On Mon, 21 May 2012, JP Vossen wrote:
I'm late to the party, but...
+1 _The Cuckoo's Egg_
+1 for Schneier but not _Cryptography Engineering_. I'd favor
_Practical Cryptography_ and _Secrets & Lies_ for this use case.
Also, this *sounds* perfect, but there is a catch:
http://it.slashdot.org/story/ 12/05/18/1321256/book-review-
elementary-information- security
<http://it.slashdot.org/story/12/05/18/1321256/book-review-elementary-information-security>
Book Review: Elementary Information Security
Section it Department read-all-about-it
Filed under security
Creator samzenpus
benrothke writes "Elementary Information Security, based on its
title, weight and page length, I assumed was filled with
mindless screen shots of elementary information security topics,
written with a large font, in order to jack up the page count.
Such an approach is typical of far too many security books. With
that, if there ever was a misnomer of title, Elementary
Information Security is it."
For anyone looking for a comprehensive information security
reference guide - Elementary Information Security is it. While
the title may say elementary, for the reader who spends the time
and effort to complete the book, they will come out with a
complete overview of every significant information security topic.
The book is in fact a textbook meant to introduce the reader to
the topic of information security. But it has enough content to
be of value to everyone; security notices or experienced
professional.
Author Richard Smith notes that if you want to get a solid
understanding of information security technology, you have to
look closely at the underlying strengths and weakness of
information technology itself, which requires a background in
computer architecture, operating systems and computing networking.
With that, Elementary Information Security is a tour de force
that covers every information security topic, large and small.
The book also provides a relevant overview of the peripheral
topics that are embedded into information security.
In 17 chapters covering over 800 pages, the book is well
organized and progressively gets more complex.
[... lots more, go read the post on /. ]
The book is not meant as a For Dummies guide to the topic, and
it assumes a college-level comprehension of relevant
mathematical concepts. Note though that the requisite math is
detailed in the sections on encryption and cryptography.
The book is also the first textbook certified by the NSA to
comply with the NSTISSI 4011 standard, which is the federal
training standard for information security professionals. The
author notes on his blog that in order to gain that
certification, he had to map each topic required by the standard
to the information as it appears in the textbook.
Given the value of the book, (ISC) should consider using this
title as a reference for their CISSP certification. With all of
the CISSP preparation guides available, even the Official (ISC)2
Guide to the CISSP CBK, one is hard pressed to find a
comprehensive all-embracing security reference such as this.
Some may even want to simply use this book as their definitive
CISSP study guide.
For those looking for a single encyclopedic reference on
information security, they should look no further than
Elementary Information Security. Richard Smith has written a
magnum opus on the topic, which will be of value for years to come.
--- End of excerpted book review ---
Sounds perfect right? I want one too. The problem is, it's
$130 new... Maybe you can find a library that has it?
Later,
JP
----------------------------|: ::======|---------------------
----------
JP Vossen, CISSP |:::======| http://bashcookbook.com/
My Account, My Opinions |=========| http://www.jpsdomain.org/
----------------------------|= ========|---------------------
----------
"Microsoft Tax" = the additional hardware & yearly fees for the
add-on
software required to protect Windows from its own poorly
designed and
implemented self, while the overhead incidentally flattens
Moore's Law.
______________________________ ______________________________
_______________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/
mailman/listinfo/plug-announce
<http://lists.phillylinux.org/mailman/listinfo/plug-announce>
General Discussion -- http://lists.phillylinux.org/
mailman/listinfo/plug
<http://lists.phillylinux.org/mailman/listinfo/plug>
______________________________ ______________________________
_______________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/
mailman/listinfo/plug-announce
<http://lists.phillylinux.org/mailman/listinfo/plug-announce>
General Discussion -- http://lists.phillylinux.org/
mailman/listinfo/plug
<http://lists.phillylinux.org/mailman/listinfo/plug>
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
--
Jay Dobies
Freenode: jdob @ #pulp
http://pulpproject.org | http://blog.pulpproject.org
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug