Network (and systems) security

So after working as an assistant to a network admin for a little while now, I've found myself getting more interested in the security side of things. Anyone know of any resources (online or book) to learn some more about this?
That's actually a book I looked at awhile ago. I may pick that up, though it doesn't quite seem to be what I'm looking for.
I have heard good things about:
The Tao of Network Security Monitoring: Beyond Intrusion Detection
By Richard Bejtlich
Yeah, a book about hacking isn't exactly going to be focused on the security aspect of things :p But knowing how various hacks work and all the different ways around things will certainly help you develop systems to prevent those workarounds and exploits.
IMO if you know how to break something, then you know how to prevent other people from breaking it.
Some websites that might be of interest:

Application Security and Vulnerability Analysis
http://pentest.cryptocity.net/

Penetration Testing Execution Standard homepage
http://www.pentest-standard.org/index.php/Main_Page
Last edited on
The book I have is:

Security in Computing
Charles P. Pfleeger, Shari Lawrence Pfleeger

The classic guide to information security--fully updated for the latest attacks and countermeasures

It's pretty thorough! The first thing it goes into is the goals of computer security: Confidentiality, Integrity, and Availability. And then goes on to explain the things you need to do to maintain this "CIA triad".

Andy

PS I have the second edition from a while ago, but I see it's now up to its 4th edition.

Last edited on
Topic archived. No new replies allowed.