Gary,
I have found the following books valuable.
TCP/IP Illustrated Volume 1 (and Volumes 2 and 3 if you want to get really
wild=)
Applied Cryptography
UNIX Systems Administration Handbook
Practical UNIX and Internet Security (older book)
Building Internet Firewalls (older book)
DNS and BIND
Sendmail
OSPF Anatomy of a Routing Protocol
UNIX in a Nutshell
Some books on my to read list that I haven't gotten to yet.
Secrets & Lies Digital Security in a Networked World
Linux Security
Hacking Exposed (I usually don't read books with the word hack in the title
but some friends of mine recommend this book)
The Design and Implementation of the 4.4BSD Operating System
Basically, I learned the protocol basics with TCP/IP Illustrated and a lot
of practice with tcpdump. I also learned networking by playing around with
some Cisco routers and UNIX boxes. Once you have a basic understanding of
this then dig deeper into some of the more importand protocols like DNS and
SMTP. READ the RFCs. There is a wealth of information there. Once you
have a good understanding of networking, TCP/IP, and you can do basic
sysadmin stuff on NT and UNIX then start running some of the exploits that
are around against boxes on a test network. Do tcpdumps and run Snort take
a look at what they show. Play around with some of the hardening scripts
for Linux, Solaris, or *BSD. Install a couple of opensource firewalls.
Install CBAC on Linux. Reading, playing around on your own network, and
finding a mentor who doesn't mind being bugged a lot and you can learn a
lot in a few years. Good luck.
Regards,
Jeffery Gieser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
