Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

security books

  • 06-08-2011 11:15pm
    #1
    Registered Users, Registered Users 2 Posts: 1,190 ✭✭✭


    In a broad sense of the term "security" here are some of the books i've gotten or are on the list so far. I'm hoping people can suggest some other good ones.
    Strictly technical and preferably hands on. Nothing about the general idea and philosophy behind security which generally tends to bore me to tears.
    • nmap (official book)
    • reversing (secrets of reverse engineering)
    • stealing the network (all 4)
    • hacking, the art of exploitation
    • network security hacks
    • practical cryptography
    • private communication in a public world
    • metasploit penetration testers guide
    • the f0rb1dd3n netwwork
    • kingpin
    • malware analysts cookbook tools and techniques for fighting malicious code


Comments

  • Closed Accounts Posts: 29 SecurityGuy


    From the technical/cryptographic side search for Bruce Schneier booksimage.php


  • Registered Users, Registered Users 2 Posts: 1,190 ✭✭✭wolfric


    Yeah i actually have secrets and lies which I read the start of but found it too generic but sure he also wrote practical (and applied) cryptography which are on the list. I've read about half of practical cryptography (and bits of applied cryptography) and it's really well put together and the right amount of technical info in there.

    Recommend any of his other books? Someone else mentioned cryptography engineering actually.


  • Closed Accounts Posts: 29 SecurityGuy


    Yeah, "Secrets and Lies" is very light like a novel. I've read "Applied cryptography" a few years ago and "Practical Cryptography" quite recently. It's interesting how author's opinions dramatically changed (it's mentioned in Practical C.)
    I've also read fragments of "Security Engineering" by Ross Anderson which is less about crypto and more about overall security but to be honest it's good for reference but not too much for reading.


  • Registered Users, Registered Users 2 Posts: 218 ✭✭Screaming Monkey


    "secrets and lies" is one of my favourites, its key point is that
    all this fancy crypto doesn't help you secure things, a system with an algorithm
    from "applied cryptography" broken because the user put their
    password on a post-it and didn't see a problem with that.

    Some books i got recently..

    Practical Lock Picking By Deviant Ollam
    http://www.syngress.com/hacking-and-penetration-testing/Practical-Lock-Picking/

    and Social Engineering: The Art of Human Hacking
    http://www.amazon.co.uk/Social-Engineering-Art-Human-Hacking/dp/0470639539/


  • Registered Users, Registered Users 2 Posts: 37,316 ✭✭✭✭the_syco


    I found Mitnicks examples in "The Art of Deception" to be good. Also the examples in the book "Stealing the Network: how to own the box" were good.


  • Advertisement
  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    I found Gray Hat Hacking to be very good as an all rounder book.

    Avoid anything by Ankit Fadia, he's a spoofer.

    There was a book I read a few years ago by a guy called Dr K called the Hackers Handbook. It was another all rounder, but it had some great tips, like how to set up a hacking lab, and suggestions for getting into Linux.

    I'll have a look on my shelves at home, and see if there is anything I have forgotten.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    the_syco wrote: »
    I found Mitnicks examples in "The Art of Deception" to be good. Also the examples in the book "Stealing the Network: how to own the box" were good.

    Is this book good?

    A mate of mine posted me out this book a few weeks ago and didn't get a chance to look at it yet.


  • Registered Users, Registered Users 2 Posts: 37,316 ✭✭✭✭the_syco


    Is this book good?

    A mate of mine posted me out this book a few weeks ago and didn't get a chance to look at it yet.
    (Sorry about the late response - just back from a festival yesterday)
    I found it gives a good beginning to explaining how social engineering works, and the different ways you could go about it. It also reads like a novel at times, so it kept my interest, but still had me searching for some of the terms online. It also shows where it can be most useful.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    I've read a number of security books over the years. The first real book I read was the first edition of Hacking Exposed. I've since read newer editions including the wireless version, and hacking linux exposed.

    Hacking Exposed (Multiple editions)
    Hacking Linux Exposed
    Hacking Wireless Exposed
    Google Hacking for Pen-testers
    Grey hat Hacking (This is very solid)
    Professional Penetration testing (This is orientated to setting up hacking labs to practice on)
    SQL Injection Attacks and Defense
    Hacking: The art of exploitation.

    I'm sure I've missed a few, as I've read these over the best part of 10 years. I read Mitnick's two books also, and I've ordered his new one which should be here soon.

    While books are great - I often find it easier to sit down and to just focus on one individual thing, and practice it until I'm familiar with it. It's alot easier now to setup a lab to hack than it used to be, so I think people are learning alot quicker these days.


  • Registered Users, Registered Users 2 Posts: 1,190 ✭✭✭wolfric


    mybooks.th.jpg

    Uploaded with ImageShack.us

    More to be delivered :)


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,837 ✭✭✭abelard


    Lots of good suggestions above, but could someone recommend me one of them based on the following?.....

    I don't need something completely exhaustive, just a good introduction to the practice of hacking/penetration testing etc, and I can pick up more advanced texts from there.

    I don't have an IT degree, and have no experience programming, but I'm not exactly computer illiterate and have some mathematical grounding, so I don't mind something that moves at a decent pace as long as it starts with basics.

    Does such a book exist?


Advertisement