Hacking, Intrusion Detection and Penetration Testing Book Recommendation

Hits: Failed to execute CGI : Win32 Error Code = 3


Also check my book recommendations in the areas of :
General Security
NT Security
Windows 2000 Security

Schneier has utterly demystified the idea of security with a text aimed squarely at nontechnical individuals. He takes his legendary skill at applying common sense and lucidity to information-security problems and applies it to all the bogeymen of the post-9/11 world, and asks the vital question: What are we getting in exchange for the liberties that the Ashcroftian authorities have taken away from us in the name of security?

describes the Tiger Box system used by hackers to penetrate vulnerable networks, and how to use the same tool--provided on the disk--to protect against them












provides an at-a-glance scale that rates each threat in terms of popularity among hackers, simplicity, impact and risk analysis. fair amount of tutorial on escalating privileges, cracking passwords. A good starting point for securing linux.



details of how specific attacks work and how to protect against them


step-by-step guide to defending against hacker intrusions


secret decoder ring - explains Linux in Windows terms. Highly recommended. If your network is NT based, you will need to learn linux because the best hacker tools run only there.



PAM, OPIE, syslog, sudo, xinetd, SSH, Crack, tiger, Tripwire, TCFS, and ipchains.




Excellent!!!! Scary. Hack Win9x, NT, Netware, Unix, Web, ...

Hacking Exposed companion web site



tips on uncovering incidents and evidence. Howtos on investigating breaking on Windows NT/2000, Netware and Unix. Written by director of forensics at Foundstone. I have taken courses from Foundstone. They know their stuff.








What to get into Information Security?


Good introduction to topic




highly recommended








The classic text. Should be on everyone's book shelf interested in unix security. Comprehensive. The material is old, but so is unix. The issues are timeless and apply to the newer Linux environments.



Focuses on tools to do the job.


Excellent!!!! One of the first hacker security books (1998) but still valid. Broad coverage of lots of topics.


Want to understand unix buffer overflow attacks? Get the Crash Dump book and the Advanced Programming books.


Want to understand unix buffer overflow attacks? Get the Crash Dump book and the Advanced Programming books.



Dorothy E. Denning's classic