Any linux user serious about security should know about honeynets, here is a good article i found that explains them pretty well:
also have a look at the daddy of all honeynet projects, www.honeynet.org
I read a book on honeynets and pots a year or so ago that I thought was pretty good for those new to them. It's called "Know your enemy". You should be able to get a used copy for around $10 or 10.50 Euro's (I think) plus shipping.
See details on book at http://www.amazon.com/exec/obidos/tg...glance&s=books
i have read that as well, IMO worth the money.
It is a brillient book.
Don't be freakin me out reading the same books j :lol:
Just finished Hacking Exposed 4th edition. I'd read the 2nd edition and didn't think the 3rd edition had enough new info to justify the price.
Its not the only book someone should have but one reference book of several. I would recommend it along with "Know your Enemy", a TCP/IP book, a unix or linux book, a NT/2000 book, Networking book and a programing book (language of your choice) . All for learning and reference afterwards to justify the costs.
What may not be obvious is the programing book and security. The link here is you don't need to program to understand security but you do need to understand the concepts and methods of programing in general to understand the holes in poorly written OS's and applications.
You must also understand your enemy to defend yourself against him. Intentional or not, understanding buffer overflows, virus/worm/trojan horses, application security, etc... is a must.
For those just as cheap as I am, hardcopies of ebooks or good tutorials will due as a poor mans book for learning and reference. Try to find used. Most of the main security stuff isn't brand new so your book or tutorial does have to be either. Just keep that in mind when reading, that it is missing some info but most likely has most of what you need.
As far as the programming books go, I'll suggest any of the Sam's Publishing 21 Days books. I've used their C++ and Java books and am currently using the Perl in 21 Days to learn Perl. Excellent guides.
The Unleashed books are also good for more general info. I have FreeBSD Unleashed and Linux Programming Unleashed (haven't had a chance to look through it that much yet) and they're both pretty impressive.
This interesting conversation with Lance Spitzner just appeared on WebTalkGuys, as its related, and im about to listen to it, i thought i would post it here:
I've just been out and bought "Linux Complete"... It's one of the sybex books that are about 1000 pages long and have chapters from a few, more specific books. I'm only a few chapters in, but i'll tell you all how it was when I've finished it.
The sybex "Complete" range of books have been quite good in my opinion. I had one on networking and one on Java 2. They are all 1000+ pages and are £14.99 in the UK and $19.99 in the US.
I agree with your comment about having a range of books though FLW.
I don't actualy have that many in my collection, so I may aswell list them.
Java 2 Complete
Hacking Web Applications Exposed
Visual Basic 6 in 24 hours
PHP for the world wide web
PHP Advanced for the world wide web
Java for the world wide web
The XML handbook
Building bussiness websites
The hacker's handbook
Upgrading and repairing PC's 4th edition
all of whcih are good books. Although I'm not THAT immpressed with the sam's teach yourself VB6 in 24 hours. I don't know if its not that good because its about VB6 or because its a sams teach yourself whatever in 24 hours book.
I need a book on C, but I spent my spare money on linux complete (I have no job :cry: ) anyone wanna give me one? :P
Well, it IS VB. :wink:
I think that you'd like the 21 Days books better...trying to shove a language into 24 hrs. could decrease the quality of the book. Know of anywhere I could find the "complete" books in pdf or something to get a sample of?
It thing that annoyed me wasn't that it was tryign to teach me in 24 hours, it was that it wasn't teching me the language at all :evil: it was teachign me how to use the inteface half the time. it gave me code to use, but it didn't explain it very well or at all.
I havn't seen the the 'complete' books around in pdf format. (would be a pretty beefy file if there was one though)
They are very cheap though, so you may as well pick one up from a bookshop and just take it back if you don't like it. the only downside is that they are printed on low quality paper. which doesn't bather me, i'm only reading them for the information.
Just got paid today, so I think I'll buy one to check out along with my new LCD :twisted: (Cornea Systems CT1702).