Personal tools
You are here: Home SPS Open Source Security Tools for Information Technology Professionals Bibliography - SPS FOSS Security Tools Course
Document Actions

Bibliography - SPS FOSS Security Tools Course

last modified 2006-10-09 11:10 PM

Core Textbook

Open Source Security Tools: Securing Your Unix or Windows Systems
by Tony Howlett

Published: 2004, Pearson Education

Main source of course material. An excellent introduction to FOSS security tools.

From the Publisher

Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. Seasoned security expert Tony Howlett has reviewed the overwhelming assortment of these free and low-cost solutions to provide you with the "best of breed" for all major areas of information security.

Inside, you'll find everything from how to harden Linux and Windows systems to how to investigate breaches with Sleuth Kit, Autopsy Forensic Browser, and Forensic Tool Kit. For each security task described, the author reviews the best open source tools and how to use them and also provides a case study and sample implementation. This handy reference also tackles the emerging field of wireless security and covers tools such as Kismet Wireless, Airsnort, and Netstumber. An accompanying CD-ROM contains full versions of the tools for easy access and installation, as well as RFCs and other useful information. Whether you're a Windows system administrator or a network administrator, you will come away with an understanding of how open source security tools can help protect your organization and further your own career.



CISSP Certification

CISSP Certification All-in-One Exam Guide, Third Edition
by Shon Harris

Published: 2005, The McGraw-Hill Companies

This book covers all of the topics required by the CISSP certification exam.

From the Publisher

All-in-One is all you need! This authoritative reference offers complete coverage of all material on the Certified Information Systems Security Practitioner (CISSP) exam. You*ll find exam objectives at the beginning of each chapter,helpful exam tips,end-of-chapter practice questions,and photographs and illustrations. The bonus CD-ROM contains practice tests and hundreds of questions. This comprehensive guide not only helps you pass this challenging certification exam,but will also serve as an invaluable on-the-job reference.

repare to pass the CISSP certification exam Now you can prepare for the Certified Information Systems Security Professional (CISSP) exam with help from this in-depth reference. This comprehensive resource fully covers all exam objectives—as developed by the International Information Systems Security Certification Consortium —and offers essential information on IT security. Each chapter contains practice questions,sidebars with technical discussions,real-world examples,and test-taking tips,making this book a premier study tool. You'll also get valuable information on current trends in security,disaster recovery,and the benefits of obtaining this highly-coveted and advanced security certification.



Supplementary Texts

Network Security Hacks: 100 Industrial-Strenth Tips & Tools
by Andrew Lockhart

Published: 2004, O'Reilly & Associates

A great little tool book chock full of useful step-by-step recipes for network security activities.

From the Publisher

The Internet is the greatest collaborative tool the world has ever known. It carries words and ideas across vast distances in mere milliseconds. Unfortunately, the Internet also makes your computers vulnerable to attack from almost any location on the planet. Every day, system crackers take advantage of vulnerable computers, turning them into spam relays or participants in distributed denial-of-service attacks, or using them to hide other unsavory activities. Network Security Hacks presents 100 industrial-strength techniques you can use to make sure that your networks are not a target of opportunity. These are real-world examples of tools and methods used by experts to protect their own computers and networks. Each hack can be read in just a few minutes, potentially saving you hours of research. Inside, you will find a wealth of useful techniques for detecting and dealing with intruders. Written for the intermediate to advanced network administrator, Network Security Hacks is full of practical, ingenious solutions to real-world networking situations and problems.

Hardening Linux
by James Turnbull

Published: 2005, Apress

A detailed guide to hardening GNU/Linux systems and associated FOSS internet services.

From the Publisher

Hardening Linux by James Turnbull, stands out in my mind as a vitally important text that clearly lays out how to make your Linux boxes as secure as possible. Mr. Turnbull has done a remarkable job in delineating the potential vulnerabilities, and how to mitigate them. Each chapter covers a particular focus area in depth, with carefully worded and easy-to-follow examples. In the cases where you need to install some other piece of software to provide the extra security, he gives you the step-by-step details, leaving nothing for misinterpretation. This is one of those books that, as you finish each chapter, you’ll want to apply your new-found knowledge to the machines at your disposal. As each subsequent chapter unfolds, James explains very carefully how to tighten remote administration, files and file systems, mail, ftp, and DNS/BIND.

Additional information is given on how to log important information securely, and efficiently monitor the data collected. In addition, tools for testing the security of your hosts is described very clearly, from the inside-out and the outside-in, along with explanations of how to detect penetrations and recover from them. Writing about securing a computer system can be written on a few different levels, from the general suggestions which apply to just about any program, to the specific which apply to just one. Mr. Turnbull has chosen to pick commonly used programs and provide step-by-step procedures for locking them down. For example, if you are hardening a mail server, you will find descriptions of Sendmail and Postfix, but not of Qmail or Courier. While this might limit the appeal of the book to just those using the more common programs, it allows a depth that would be otherwise unavailable. The only quibble I have is that his book does not go far enough. While the chosen types of applications are covered in great depth, some applications are missing. There is no coverage for a web server, such as Apache, or a database server, such as MySQL. I can only hope that a future edition of the book includes chapters on these and other categories of programs. I definitely recommend Hardening Linux by James Turnbull to anyone who installs and maintains Linux servers. The information packed in this book is easy to follow, and will help you configure your systems very securely. The additional insights into why the configurations are important is extremely valuable in its own right. This book belongs on any Linux sysadmin's bookshelf.

Security Warrior
by Cyrus Peikari and Anton Chuvakin

Published: 2004, O'Reilly Media

A more in-depth text which tries to introduce the reader to the mind of the cracker by covering cracking tools.

From the Publisher

It's easy to find books on computer security. Many users and administrators are becoming overwhelmed, and justifiably so. The sophistication of attacks against computer systems increases with each exploit in the wild. What's the worst an attacker can do to you? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be threatened. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and advanced attacks against Unix and Windows systems, this book leaves you knowing your enemy and prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on machines: Trojaned binaries, "spyware" that looks innocuous while sending private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability. Security Warrior is the most comprehensive, up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book, on your shelf -- and in your hands.



Useful GNU/Linux Texts

Linux in a Nutshell
by Stephen Figgins, Aaron Weber

Published: 2005, O'Reilly Media

The classic reference now in it's fifth edition.

The Barnes & Noble Review

Put aside those man pages, get Linux answers you can really use, and get them fast, with Linux in a Nutshell, Fifth Edition. The authors offer concise, precise discussions of probably 98 percent of what you'll need to know to run or administer Linux on a day-to-day basis: networking, Linux commands, boot (and multi-boot) options, package management, shell scripts, pattern matching, editors, sed and gawk, even source code management with both CVS and Subversion.

This brand-new edition reflects the latest Linux kernel and has been thoroughly tested on Fedora, Novell/SuSE, and Debian systems -- so you can rely on it with your current distro and the one you might work with next. At 900-plus pages, it’s some big “nutshell.” But it’s just as accessible and well organized as it’s ever been -- and even more useful.

Linux Cookbook
by Carla Schroder

Published: 2004, O'Reilly Media

An extremely helpful set of how-tos for managing a GNU/Linux system

From the Publisher

The Linux Cookbook gives you quick and dirty solutions for all - well, almost all - of the things you'll need to worry about. It touches on everything from making DVDs to finding (and understanding) Linux documentation. It will make your life as a Linux user or administrator much more enjoyable. While your friends are trying to plug the latest security hole in That Other Operating System, you'll be sitting back, secure in the knowledge that your reliable, stable Linux machines are running happily and safely. You can invest your energies in improving your operations, free from worry about system crashes, malware attacks, artificially crippled functionality, or visits from the license police.

« June 2017 »
Su Mo Tu We Th Fr Sa
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30



 

Powered by Plone CMS, the Open Source Content Management System

This site conforms to the following standards: