Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Classes?

From: dr () V-WAVE COM (Dragos Ruiu)
Date: Sat, 16 Oct 1999 18:29:39 -0700

Impromptu unsolicited review (very impromptu since both only arrived
yesterday and I've finished neither):

I would put both "Hacking Exposed" by McLure, Scambray, and Kurtz and
"Network Intrusion Detection: An Analyst's Handbook" by Northcutt on your
_must_ read list.
The former is very comprehensive and the latter is engagingly well-written,
educational, and a fantastic resource of clear thought.

just my two cents,
--dr

-----Original Message-----
Several E&Y guys, including a couple who run the above class, and the two
who write the Security Watch column for Infoworld have written a book
called "Hacking Exposed" along those lines:

http://www.amazon.com/exec/obidos/ASIN/0072121270/thievco

(The Thievco bit at the end is my little "Amazon store"... I had nothing to
do with the book, though it's a good book.)

Aleph1 occasionally gives lectures on the topics mentioned.  I know nothing
about exactly what the topics are, how much it costs, etc..

There are a number of good papers on the web on those topics.  I've seen
good buffer overflow papers from Mudge, Aleph1, and Dildog.  Check out the
last several issues of Phrack as well.
Previous By Date Next
Previous By Thread Next

Current thread: