>
> |
Book reviews: Security Library free books for next
Penlug meeting
LeeMcKusick
May 20, 2006
1 "Yours for the taking security library. What to take?"
A person donated a library of computer security books
to the Coastside Senior Citizen's Thrift Store. I am
going to pass the whole stack of books on to Penlug
members. From books in the same donation carton I guess
that the the library donor is a new mother. With a new child, her career focus drastically changed. When you
become a parent definitely check out http://www.sanmateo4cs.org Child Care Coordinating Council San Mateo County
2 Books for a Junior College student featuring get a job in computer security career advice
The first book is from a Penlug (Peninsula Linux
User's Group) book give away. . This book is addresed
to persons with some computer employment who desire
to move into a computer security job title.
Infosec Career Hacking
The book was reviewed on Slashdot and roundly panned as
an assembly of chapters from other Syngress books. http://books.slashdot.org/article.pl?sid=05/08/08/192221 InfoSec? book review on Slashdot
The saving graces of the book (considering that it is
free) are as follows:
- If you are a Junior College or self-educated
computerist and if you are seeking to move into "
computer security" this book is addressed to you.
- Chapter 5 "The laws of security" is a nice vigorous
pulling of the towel off of the ugly "eew I don't want
to see THAT!" carcass of the Internet.
Seeing what Google already reports about your web site is the first step to identify your inadvertent public indescretions. The following google search with obvious items removed is worth doing:
A Google search url like
site:washingtonpost.com -site:www.washingtonpost.com -ext:html
filters out the obvious and shows the less obvious
but public parts of the website.
Infosec Computer Hacking Sell Your Skilz Not Your Soul ,
by Aaron W. Bayles, Ed Brindley, James C. Foster, Chris
Hurley and Johnny Long with a forword by Christopher W.
Klaus, Syngress c. 2005. Book registration and four
free booklets at http://www.syngress.com/solutions/ Website to register book and get free articles
3 Guides to using Linux applications including the network traffic sniffer Snort
Anti-Hacker Toolkit Selecting and Using Open Source Tools to Investigate and Resolve Intrusions, Network Traffic and Individual Computer Forensic Analysis , by
Keith J. Jones, Mike hema, Bradley C. Johnson. With a
compact disk. c. 2002, publisher Mcgraw Hill/Osborne.
Website www.antihackertoolkit.com Antihackertoolkit website
Snort 2.0 Intrusion Detection , by Jay Beale, James C.
Foster, with Jeffrey Posluns technical advisor and
Brian Caswell of snort.org technical editor. With a
compact disk. c. 2003. Publisher Syngress.
3.1 Security guides not Linux aware
Peter Norton's Network Security Fundamentals by Peter
Norton and Mike Stockman. Publisher Sams Publishing c.
2000. For network administrators this is an overview of
the tasks required to keep a network safe from
intrusion. Reviews security concerns by vintage 2000
operating systems and the VPN access solutions of that
year. Only book in this collection that reviews
security risks for Netware.
4 Computer security from a management point of view - from "way up there"
These books are addressed to business managers.
The Process of Network Security by Thomas A. Wadlow.
Publisher Addison-Wesley, c. 2000. Enumerates the
threats, tasks, suggested business policies and
practices for a company with a local area network and
an Internet connection.
Intrusion Detection Network Security , beyond the
firewall by Terry Escamilla. Publisher John Wiley &
Sons, Inc., New York c. 1998. Website www.wiley.com/compbooks/escamilla Publisher and author web page
4.1 Management level security with an emphasis on case studies, history and human factors and information theft and warfare.
Cyber Shock, Surviving hackers, phreakers, Identity thieves, Internet terrorists and Weapons of Mass Disruption by Winn Schwanton with a foreword by John "
Cap'n Crunch" Draper. Appendix includes Top Hacker
Stites and Top 50 Security sites. Published by
Thunder's Mouth Press, New York, c. 2000.
Defending Your Digital Assets Against Hackers, Crackers, Spies and Thieves by Randall K. Nichols,
Daniel J. Ryan and Julie J.C.H. Ryan. Publisher
Mcgraw-Hill, New York, c. 2000.
4.2 Management level "forensics". How to plug holes, document improper actions, collect evidence for use in a civil or criminal legal action
The Practical Intrusion Detection Handbook by Paul E.
Proctor with technical editor Ira Winkler. Published by
Prentice Hall PTR, New Jersey, c. 2001. This is a
textbook (marked and tabbed by the previous owner).
Provides case studies of intrusion detection and
resolution. The third and key section of this book is
how to collect evidence of intrusion and evaluate the
available legal responses.
Intrusion Detection by Rebecca Gurley Bace. Published by
Macmillan Technical Publishing, USA, c. 2000. This book
is a used textbook with markers and tabs. Treats
intrusion detection as a technical field by presenting
cases in a historical format. Shows the major stages in
the development of intrusion and detection as technical
disciplines.
4.3 Management level book arguing that human factors and low tech are just as likely as "high tech" computer intrusions.
Fighting Computer Crime, a new framework for Protecting Information by Donn B. Parker. Published by John Wiley
and Sons, New York, c. 1998. Features case studies.
Argues that human factors such as an employee
undergoing a divorce and relatively low technology
actions are a substantial component of business
computer crime.
-- LeeMcKusick - 20 May 2006
|