Published on O'Reilly (http://oreilly.com/)


Security Bibliography


09/24/2001

Computer security is in the spotlight more than ever since the September 11 terrorist attacks. To help you find the best resources to protect your systems, we've pulled together this list of the best security books by O'Reilly and other publishers.

Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition
John Wiley & Sons
By Bruce Schneier
October 1995

Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition is a comprehensive survey of modern cryptography that details how programmers and electronic communications professionals can use cryptography to maintain the privacy of computer data.

Building Internet Firewalls, 2nd Edition
O'Reilly & Associates, Inc.
By Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman
June 2000
Read online--Safari

Building Internet Firewalls, 2nd Edition is a practical and detailed guide explaining in step-by-step fashion how to design and install firewalls and configure Internet services to work with a firewall.

Building Secure Software: How to Avoid Security Problems the Right Way
Addison-Wesley
By John Viega and Gary McGraw

Building Secure Software: How to Avoid Security Problems the Right Way contains essential lessons for security professionals and software developers, including how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped.

Computer-Related Risks
Addison-Wesley
By Peter G. Neumann
October 1994

Computer-Related Risks is a collection of the most important stories to have passed over the RISKS mailing list, which is moderated by Dr. Neumann, since its creation.

Computers Under Attack: Intruders, Worms and Viruses
Addison-Wesley
By Peter J. Denning
January 1990

Computers Under Attack: Intruders, Worms and Viruses is a decade old, but it's still one of the most comprehensive collections of readings related to these topics and it includes reprints of many classic security articles.

Database Nation: The Death of Privacy in the 21st Century
O'Reilly & Associates, Inc.
By Simson Garfinkel
January 2001

Database Nation: The Death of Privacy in the 21st Century is a compelling account of how invasive technologies will affect our lives in the coming years. It's a timely, far-reaching, entertaining, and thought-provoking look at the serious threats to privacy facing us today.

Firewalls and Internet Security: Repelling the Wily Hacker
Addison-Wesley
By Steven M. Bellovin and William R. Cheswick
April 1994

Firewalls and Internet Security: Repelling the Wily Hacker was the classic book on firewalls when first published and is still an excellent source of firewall principles. It will teach you everything you need to know about how firewalls work.

Incident Response
O'Reilly & Associates, Inc.
By Kenneth R. van Wyk and Richard Forno
August 2001
Read online--Safari

Incident Response shows you both the technical and administrative aspects of building an effective incident response plan.

Incident Response: Investigating Computer Crime
McGraw-Hill Professional Publishing
By Kevin Mandia and Chris Prosise
June 2001

Incident Response: Investigating Computer Crime describes the methods and techniques necessary to perform a professional and successful response to computer security incidents.

Java Security, 2nd Edition
O'Reilly & Associates, Inc.
By Scott Oaks
May 2001
Read online--Safari

Java Security, 2nd Edition focuses on the Java platform features that provide security--the class loader, bytecode verifier, and security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller.

Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community
Addison-Wesley [Note: A publisher's catalog page was not available.]
By The Honeynet Project (Editor)
August 2001

Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community is aimed at both security professionals and those with a non-technical background, and it teaches the technical skills needed to study a blackhat attack and learn from it. The CD includes examples of network traces, code, system binaries, and logs used by intruders from the blackhat community.

Malicious Mobile Code: Virus Protection for Windows
O'Reilly & Associates, Inc.
By Roger A. Grimes
August 2001

Malicious Mobile Code: Virus Protection for Windows reveals what destructive programs (including viruses, worms, trojans, and rogue Internet content) can and can't do and how to recognize, remove, and prevent them. Readers learn effective strategies, tips, and tricks for securing any system.

Network Intrusion Detection: An Analyst's Handbook, Second Edition
New Riders
By Stephen Northcutt and Judy Novak
September 2000

Network Intrusion Detection: An Analyst's Handbook, Second Edition is a training aid and reference for intrusion detection analysts.

Network Security: Private Communication in a Public World
Prentice Hall
By Charles Kaufman, Radia Perlman, and Michael Speciner
March 1995

Network Security: Private Communication in a Public World is a comprehensive yet comprehensible guide to computer network security protocols. The authors go beyond documenting standards and technology; they contrast competing schemes, explain weaknesses and strengths, and describe common mistakes people make when intending to design secure systems.

Practical UNIX & Internet Security, 2nd Edition
O'Reilly & Associates, Inc.
By Simson Garfinkel and Gene Spafford
April 1996

Practical UNIX & Internet Security, 2nd Edition is a practical guide that spells out, in readable and entertaining language, the threats, system vulnerabilities, and countermeasures you can adopt to protect your Unix system, network, and Internet connection. It's complete, covering both host and network security, and it doesn't require that you be a programmer or a Unix guru to use it.

Secrets and Lies: Digital Security in a Networked World
John Wiley & Sons
By Bruce Schneier
August 2000

Secrets and Lies: Digital Security in a Networked World covers digital attacks, security products and processes, risk assessment in companies, implementation of security policies and countermeasures, and more.

Securing Java: Getting Down to Business with Mobile Code, 2nd Edition
John Wiley & Sons
By Gary McGraw and Edward W. Felten
January 1999

Securing Java: Getting Down to Business with Mobile Code, 2nd Edition is a guide to guarding against virtual pirates and ensuring Web security with JDK 1.2.

Securing Windows NT/2000 Servers for the Internet
O'Reilly & Associates, Inc.
By Stefan Norberg
November 2000
Read online--Safari

Securing Windows NT/2000 Servers for the Internet simplifies the task of securing Windows servers by paring down installation and configuration instructions into a series of security checklists for security administration, including hardening servers for use as "bastion hosts" and performing secure remote administration with OpenSSH, TCP Wrappers, VNC, and the new Windows 2000 Terminal Services.

Security in Computing, 2nd Edition
Prentice Hall
By Charles P. Pfleeger
September 1996

Security in Computing, 2nd Edition provides an overview of all types of computer security, from centralized systems to distributed networks.

Unix Backup & Recovery
O'Reilly & Associates, Inc.
By W. Curtis Preston
November 1999

Unix Backup & Recovery provides a complete overview of all facets of Unix backup and recovery and offers practical, affordable backup and recovery solutions for environments of all sizes and budgets. It explains everything from freely available backup systems to large-scale commercial utilities.

Web Performance Tuning
O'Reilly & Associates, Inc.
By Patrick Killelea
October 1998
Read online--Safari

Web Performance Tuning gives concrete advice for quick results--the "blunt instruments" for improving crippled performance right away. The book also approaches each element of a Web transaction--from client to network to server--to examine the weak links in the chain and how to strengthen them.

Web Security: A Step-by-Step Reference Guide
Addison-Wesley
By Lincoln D. Stein
December 1997

Web Security: A Step-by-Step Reference Guide explains basic strategies for protecting an existing Web site with as little cost and disruption as possible. Also covered are the risks and security solutions associated with implementing Internet services on a Web site, including http, conferencing, email, ftp, and news gateways.

Windows 2000 Security Handbook
McGraw-Hill Professional Publishing
By Phil Cox and Thomas Sheldon
November 2000

Windows 2000 Security Handbook provides step-by-step instructions on how to locate and plug security holes and backdoors, authenticate users, and defend against the latest methods of attack in Windows 2000.


Copyright © 2009 O'Reilly Media, Inc.