Book Suggestions
A very good friend wrote to me recently asking for a few book
suggestions on networking and also on security to pass on to one of
their work colleagues, and I thought I'd make a note of my suggestions
here for whatever it is worth. Note that these are links to
Amazon.co.uk but not affiliate type links; you can buy with confidence
that I'm suggesting these books because I like them and not to line my
own pockets.
On a totally unrelated subject from security and
stuff, one book I’m pushing on everyone at the moment who might ever
have a need to present ANYTHING to clients or bosses or whatever is
Beyond Bulletpoints by Cliff Atkinson (website). You don't have to
suffer any more "death by powerpoint" moments... won't someone please
think of the children!
Anyway, books I’d always push on people about networking... I assume we’re talking about mostly above the physical layer.
- DNS & Bind
by Paul Albitz & Cricket Liu – a tough subject and not perhaps a
book to read cover to cover but you need this on your shelf as a
reference if you are serious about networking. There is a Windows
specific edition to this which isn’t a bad book if that is what you
need, but I suggest avoiding that and getting the more general guide
even if you expect to be working with DNS on Windows. DNS is a core
technology for any LAN or WAN network and needs to be understood as a
technology in its own right before you worry about different machine
implementations.
- Microsoft Encyclopedia of Networking
by Mitch Tulloch – no point in having the other books without being
able to look up odd phrases is there? I still use this to get the
“official” definition of things! If you don't like the Microsoft
Encylopedia then that is perfectly fine but you should have some kind
of encylopedia to hand.
- The Cabling Handbook
by John Vacca – The higher level networking stuff still needs something
physical to run on and this is a reference to the how and why of wire,
and more beyond that. This is a serious book for the physical design
side of networking.
- Ethernet: The Definitive Guide
by Charles Spurgeon – like the DNS book, not fun reading in and of
itself perhaps, but an essential reference and for all the same reasons.
As for security
- Maximum Security by
“Anonymous” (!) and published by SAMS – securing a network from the
hacker’s point of view. Some good stuff on practical attack vectors and
protections and on how hacker minds work.
- Hacking Exposed by Stuart McClure, Joel Scambray and George Kurtz – more of the same as above.
- Microsoft Encyclopedia of Security by Mitch Tulloch – [see justification of network encyclopedia!]
- Assessing Network Security
by Kevin Lam, David LeBlanc and Ben Smith – I think this is a very good
read for practical advice and guidelines on assessing risks on a
network and thinking about a course of action based on your assessment.
- Microsoft Windows Security Resource Kit
by Ben Smith, Brian Komar and the Microsoft Security Team - I might be
biased because my copy is an autographed gift copy from the first print
run, but this is a very good guide to locking down systems and networks
that involve Microsoft technology, which like it or not is most of them
these days.
- Incident Response
by Kenneth van Wyk and Richard Forno – People who know me know that
I’ve always said that people WILL get hit in the end no matter how good
they are... so this is a guide about how to respond when it’s you /
your organisation’s turn in the barrel.