We asked some of our (and your!) favorite authors to share with us their
favorite 10 computer books from the past 10 years. Here's what we got back.
Richard Bejtlich
is a former military intelligence officer and a security engineer
at ManTech International Corporation's Computer Forensics and Intrusion
Analysis division. A recognized authority on computer security, he has
extensive experience with network security monitoring, incident response
and digital forensics. Richard tests and writes documentation for Sguil, an
open source GUI for the Snort intrusion detection engine. He also maintains
the TaoSecurity Blog at www.taosecurity.blogspot.com. He is the author of
The Tao of Network Security Monitoring: Beyond Intrusion Detection.
Richard's favorite books:
Practical Unix & Internet Security, 3rd Edition (Out of Print) by Simson Garfinkel, Gene Spafford, Alan Schwartz -- In late 1997 I read the second edition of this book. It helped provide the foundation for my security career and a love of UNIX.
Security Engineering by Ross J. Anderson -- Ross Anderson's ability to blend technology, history and policy makes Security Engineering a landmark work. The book will remain relevant for years, but I recommend you read it as soon as possible.
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2nd Edition by Ed Skoudis -- Counter Hack contains all I could ask for in an introductory security book. Ed shows remarkable skill when explaining topics, and his decision to spend a chapter on each important issue makes the book accessible to all readers. (The author's original choice was an older edition that is now out of print. This link is to the current edition.)
The Art of Computer Virus Research and Defense by Peter Szor -- This is one of the best technical books I've ever read, and I've reviewed over 150 security and networking books during the past 5 years. It so thoroughly owns the subject of computer viruses that I recommend any authors seeking to write their own virus book to find a new topic.
Incident Response and Computer Forensics, 2nd Edition by Chris Prosise, Kevin Mandia, Matt Pepe -- After I read the first edition of this book in 2001, I sought out the authors and joined Foundstone's incident response team. When first published, it was the only book that moved beyond theory and into the realm of hands-on, cross-platform, real-world IR and forensics.
Hacking Exposed: Network Security Secrets & Solutions, 5th Edition by Stuart McClure, Joel Scambray, George Kurtz -- It's fashionable to consider books like Hacking Exposed to be unsophisticated when compared to titles on exploit writing and shellcode generation. No one can deny, however, that the first edition in 1999, and the slightly earlier book "Maximum Security," opened the door for countless security tomes that followed.
Troubleshooting Campus Networks: Practical Analysis of Cisco and LAN Protocols (Out of Print) by Priscilla Oppenheimer, Joseph Bardwell -- Any networking or security professional is quick to cite Richard Stevens' books, so I will avoid that temptation by listing this exceptional title. So many books discuss networks, but somehow distort subtle points. Authors Oppenheimer and Bardwell know their material inside-out and explain key points in clear, concise prose.
Special Ops: Host and Network Security for Microsoft, Unix, and Oracle (Out of Print) by Erik Pace Birkholz, et al. -- While the Hacking Exposed series is more assessment- and enumeration-centric, Special Ops spends time on proper installation and deployment of services and applications. Most usefully, the book succinctly and powerfully addresses topics neglected by other security titles.
Know Your Enemy: Learning About Security Threats by The Honeynet Project -- A complete rewrite of the first edition, this book is a tour of multiple security disciplines, each addressed by a subject matter expert. It is one of the few books that rightfully concentrates on threats, not vulnerabilities, when discussing digital security.
Malware: Fighting Malicious Code by Ed Skoudis and Lenny Zeltser -- Other security books are vulnerability-focused, spending time explaining ways to subvert, breach or abuse poorly designed or deployed applications. Malware is threat-oriented, showing the capabilities of intruders and their code. This knowledge will change the way you think about security and the trustworthiness of your systems.