Scott White wrote:
Any good security books fellow members have read recently and would like to recommend?
Apart from decent books on your favourite security software:
"Intrusion Detection" by Stephen Northcutt and Judy Novak
"Secrets and Lies" by Bruce Schneier
"Crash! How to avoid a computer disaster" by Tony Collins
This last is a personal favourite of mine, although a little elderly now (1997), not specifically about security and light on technical details, a lot of the layer 8 issues discussed are highly relevant (IMO). Amazon write up here:
http://www.amazon.co.uk/exec/obidos/ASIN/0684816873/qid=1110896634/sr=1-3/ref=sr_1_11_3/026-0762881-0486018
There are a lot of excellent academic papers (note: not vendor 'white papers') available on the net - worth slogging through even if the mathematics is over your head - most recently I've been reading the "Tracking physical devices by TCP and ICMP timestamp clock skews" paper published recently, but monitor the usual sources for other interesting bits of research : Full Disclosure, the Reg., Slashdot, nanog, Sec. Focus, etc etc.
enjoy
\a
-- Andrew Simmons Speaking only for myself
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
