[lug] Holy Grail Book Recommendations
David L. Anselmi
anselmi at anselmi.us
Thu Jan 11 21:52:23 MST 2007
Ted Logan wrote:
> On 1/11/07, Chip Atkinson <chip at pupman.com> wrote:
>> TCP/IP Illustrated, volume 1, by Stevens.
> I love my copy of _TCP/IP Illustrated, Volume 1_, but due to its age,
> its coverage of newer protocols is lacking. It covers BOOTP instead of
> DHCP, and doesn't cover HTTP or SSH.
Stevens vol 1 is definately the way to go. If you read it you'll be
able to pick up DHCP, HTTP, and SSH easily from other sources. You
really want the layer 3 info in Stevens as it applies to all the other
protocols too. Most network problems happen at layer 2 or 3 and those
are the hard layers to design. The rest either just work or you go read
the source (assuming you're doing something wacky enough that they don't
Tannenbaum's "Computer Networks" is a good book for broader coverage of
networking. I don't know how current it is, mine predates most wireless.
Security is such a huge topic that you won't learn it no matter how many
books you read.
I'd say Amoroso's "Computer Security Fundamentals" is a good start but
you'd hate it. It appears to be about multi-level security, an NSA
effort in the 80s that largely failed. But it really is about the
fundamentals and is a great foundation if you can actually think.
A little less theoretical is Anderson's "Security Engineering".
O'Reilly has a book by Spafford and Garfinkle that should be a
reasonable start from a more practical direction, and their firewall book.
Any good sysadmin book will have a reasonable discussion of security
that's completely practical. But it can be hard to evaluate the
tradeoffs if that's your only reference. Limoncelli and Nemeth are the
two that seem best to me.
Of course Schneier is the bible on cryptography (which you may not
actually need to know anything about).
I don't know anything about writing secure code, but I hear the MS book
And finally, if Rob Slade reviews it and says it's good, it probably is
worth reading if you happen to be interested in the topic.
More information about the LUG