.

1st 5 Books for newbie

<<

saintp

Newbie
Newbie

Posts: 1

Joined: Tue Jul 22, 2008 7:01 pm

Post Tue Jul 22, 2008 7:25 pm

1st 5 Books for newbie

What are the first 5 books that someone new to the Information Security Field should read?
<<

oneeyedcarmen

User avatar

Full Member
Full Member

Posts: 233

Joined: Thu Jul 05, 2007 2:13 pm

Location: Baltimore, MD USA

Post Wed Jul 23, 2008 8:04 am

Re: 1st 5 Books for newbie

Dr. Strangegoogle or: How I Learned to Stop Worrying and use the Search Field, by Chris Gates  ;D

In all seriousness, though, check out this thread which has some pretty good advice on getting started.

Some books to check out, in no particular order:

The Art of Deception, by Kevin Mitnick, et al.
Hacking for Dummies, by Kevin Beaver
Google Hacking for Penetration Testers, Vol. 2, by Johnny Long
Hacking Exposed, Vol.5, by McClure, Scambray & Kurtz

Then pick book or three on programming.  No need to become an expert programmer right away, but it'll at least help to understand what it is you're looking at.  Then you can start writing your own exploit code.
Reluctant CISSP, Certified ASS
<<

RobMongoose

User avatar

Newbie
Newbie

Posts: 28

Joined: Sat May 31, 2008 1:52 pm

Location: Sunderland, UK

Post Wed Jul 23, 2008 12:01 pm

Re: 1st 5 Books for newbie

I'd also check out the Stealing the Network series. Accurate yet enjoyable to read  :)
Blogs and web sites might be the best place to start though as infosec books tend to be a bit expensive...
Mutterings of an evil genius in training -
http://robmongoose.blogspot.com/
<<

oneeyedcarmen

User avatar

Full Member
Full Member

Posts: 233

Joined: Thu Jul 05, 2007 2:13 pm

Location: Baltimore, MD USA

Post Wed Jul 23, 2008 1:02 pm

Re: 1st 5 Books for newbie

[quote=RobMongoose]Blogs and web sites might be the best place to start though as infosec books tend to be a bit expensive...[/quote]

That, and they are rarely up to date...at least for very long.  But if you're just trying to get the basics, to teach your mind to think in certain ways, the used books off of Amazon or other vendors can be a good start.

And they look good on the bookshelf, just make sure you dust them because it will gather  ;)
Reluctant CISSP, Certified ASS
<<

mad_irish

User avatar

Newbie
Newbie

Posts: 17

Joined: Thu Aug 14, 2008 7:45 am

Post Thu Aug 14, 2008 9:47 am

Re: 1st 5 Books for newbie

The Art of Software Security Assessment by Dowd, McDonald and Schuh
-Wonderful overall assessment of the modern state of security (this book is HUGE)

Network Security Assessment by Chris McNabb
-This O'Reilly book is one of the best hands on guides I've found.

Linux Hacker Tools by Ivan Sklyarov
-This book explains how to build tools yourself, and in the process explores a lot of the underpinnings of many such tools.

Hacking, the Art of Exploitation by Erickson
-This is a great book that goes through a lot of hands on exercises valuable to penn testers.

Security in Computing by Pfleeger and Pfleeger
-The obligatory textbook to cover everything not covered above :)

I have to disagree with some of the other recommendations.  I find the Hacking Exposed series has jumped the shark and tries to be too much for too many people.  You get a real scattershot with that book in the latest edition.  I found Art of Deception to be interesting, but it's all about social engineering.  I'm not sure that would be in my top 5 for penn testers (I think finding technical security holes is more valuable to penn test clients, but that's just my opinion).

I do agree that a programming book or twenty are useful.  At the very least you should memorize the O'Reilly Practical C Programming by Loudon.  If you don't know how to program in a language or use a technology you have to rely on tools to find vulnerabilities.  Building Secure Software by McGraw and Viega is an invaluable resource.

http://www.MadIrish.net

Return to Opinions

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software