RE: book for a newbie...?

[totoalfi () rad net id]

Dear,
do you have url to download that security books for free?
It's dificult for me in here (Indonesia) to buy that books online. And
quiet expensive to buy at local store (I'm a student, with little budget
for buying books).
If you show me url for free ebook (Specially in IT/Security/hacking), I
would be really appreciate it.

Regards
-To2-



> Murad:
>
> Start with the free stuff and then go from there.  Some of the best
> security
> materials I've ever read have been made available for FREE.  From there,
> look for books that are good in specific areas you're interested in
> pursuing
> further.
>
> Below are some links to what I've found to be wonderful information sites:
>
> http://csrc.nist.gov
> You'll want to look at the SP 800 series and some of the pubs in SP 500
> and
> FIPS.  There is a regular wealth of information here and one of the best
> 'starting' reads is 'An Introduction to Computer Security: The NIST
> Handbook'.
>
> http://www.cccure.org
> This is a web site for studying for the CISSP and has great study papers.
> They cover the 10 domains individually and cover them well.
>
> There are other sites like techrepulic.com and pay sites that offer some
> variety and good content.  A little searching on Google will give you some
> starting points.
>
> Once you decide to start buying books there is much discussion on what
> constitues a good security book.  Is it a 'how to hack' type book showing
> exploits and how to patch? or theory books that teach good strong
> principles
> and theory which you're expected to apply.  This only gets more muddy when
> you consider how wide the security professionals job can really be (see my
> column in Information Security Magazine - LogOff column - August 2001 to
> see
> what I mean).  I'd start with books strong in theory or on specific
> technol
> ogies you're needing to work with and move on from there.  Some good
> starting points:
>
> Practical Unix and Internet Security
> Applied Cryptography
> Maximum Security (all the books from the series)
> Hacking Exposed
> Counter Hack
> Hack Attacks Revealed
> Hack Attacks Denied
> Hacker Proof (outdated and likely out of print but a good starting book)
> Intrustion Signatures and Analysis
> CISSP Study Guide
> Linux Security
> Information Security Management Handbook (pricy, but worth the price if
> you
> need some good strong theory or are preparing for the CISSP)
> Securing Windows NT/2000 Servers for the Internet
> Linux Security Toolkit
> Steal This Computer Book
> Linux System Security
>
> If you get a chance to peruse the books at your local bookstore you will
> get
> a better idea of what's in each book, if not, and you have to buy a book
> without seeing it, or without any recommdations from others on what would
> be
> best for your circumstances, I'd start with a book on the subject from
> O'Reilly and Associates or look into their safari subscription service
> that
> allows access to a wide selection of books for a monthly fee.
>
> BTW, since you're just starting out, I'd recommend looking in the bargain
> section of your local book store chains for discounted editions.  I've
> gotten some really great deals on books that were discontinued or back one
> edition.  If you're just starting out or if the technology covered in the
> edition isn't critical these are good places to start and keep your
> overall
> cost down until you start getting better aquainted with the technology
> you're using and the overall theories.  Keep in mind I didn't really make
> any recommendations on Business Continuity, Policies, or Physical Security
> since your question seems aimed squarely at the technologies and theories
> in
> use.
>
> Hope this information helps you on your way.
>
> Ed Spencer
> MCSE/MCT/MCP/CNA/A+/Network+/Security+
> Network Technican
> Univiersity of Alaska Fairbanks
>
> -----Original Message-----
> From: Murad Talukdar [mailto:talukdar_m () subway com]
> Sent: Monday, March 01, 2004 5:25 PM
> To: security-basics () lists securityfocus com
> Subject: book for a newbie...?
>
>
> Back when you were a security nipper playing with netstat and gurgling =
> at the sight of portscans on your fisher price server, which book did =
> you use to learn security basics from?
> I've inherited a 50 node network and am just getting into learning how =
> to secure it.
> Any suggestions gratefully accepted.
> Murad
>
>
>
>
> ---------------------------------------------------------------------------
> Free 30-day trial: firewall with virus/spam protection, URL filtering,
> VPN,
> wireless security
>
> Protect your network against hackers, viruses, spam and other risks with
> Astaro
> Security Linux, the comprehensive security solution that combines six
> applications in one software solution for ease of use and lower total cost
> of
> ownership.
>
> Download your free trial at
> http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
> ----------------------------------------------------------------------------
>
>
>
>
> ---------------------------------------------------------------------------
> Free 30-day trial: firewall with virus/spam protection, URL filtering,
> VPN,
> wireless security
>
> Protect your network against hackers, viruses, spam and other risks with
> Astaro
> Security Linux, the comprehensive security solution that combines six
> applications in one software solution for ease of use and lower total cost
> of
> ownership.
>
> Download your free trial at
> http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
> ----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040303
----------------------------------------------------------------------------