The Shellcoder's Handbook: Discovering and Exploiting Security Holes - 23 reviews
Jack Koziol, Dave Aitel, ...

Wiley, 2004

Excellent Book

+ The best out there, but not so different from the first edition
+ The greatest book on finding exploits hands down !!!
+ The hacker's bible

Preventing Web Attacks with Apache - 7 reviews
Ryan C. Barnett

Addison-Wesley Professional, 2006

If you run Apache, read this book

+ super
+ A strong mix of Apache security and Web application assessment
+ pretty good
+ A comprehensive treatment of the thorny area of web server security

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Book & CD - 11 reviews
Mike Andrews, James A. Whittaker

Addison-Wesley Professional, 2006

Great advice for software developers

+ Wow!
+ Fast international delivery
+ Very informative. If you develop web software it's a must-read

Rootkits: Subverting the Windows Kernel (Addison-Wesley Software Security Series) - 21 reviews
Greg Hoglund, Jamie Butler

Addison-Wesley Professional, 2005

Excellent intermediate/advanced security book

+ Great Book
+ The definitive text on Windows rootkits, applicable in 2005 or 2007
+ Belongs on all IT security professionals' bookshelves
+ Excellent read

SELinux: NSA's Open Source Security Enhanced Linux - 9 reviews
Bill McCarty

O'Reilly Media, Inc., 2004

One of the best on creating a secure Linux system

+ Great Overview to a Potentially Complex Topic
+ vastly improved implementation

So what makes SELinux more secure than standard Linux? Primarily it is the implementation of role-based access control, sandboxing, and an audit facility that allows the system to log any attempts to exceed specified permissions. It does all this without conflicting with the normal permissions of ...

The Oracle Hacker's Handbook: Hacking and Defending Oracle - 5 reviews
David Litchfield

Wiley, 2007

Oracle Hacker's Handbook review

+ Excellent Book
+ Nice to read a book with no waffle !!!
+ This book is like a knife... you can cut the bread or you can kill with it...

Forensic Discovery (Addison-Wesley Professional Computing Series) - 14 reviews
Dan Farmer, Wietse Venema

Addison-Wesley Professional, 2005

Superb forensics book on evidence discovery

+ A Neophyte's Perspective
+ Nice look at Unix forensics!
+ Forensic Discovery is a great resource
+ More informative than books twice its size

Stealing the Network: How to Own a Shadow (Stealing the Network) - 10 reviews
Johnny Long, Tim Mullen, ...

Syngress, 2007

Author "review"

+ One of the better installments when it comes to plot and pacing...
+ Entertaining way to learn
+ Best One Yet

SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series) - 3 reviews
Frank Mayer, Karl MacMillan, ...

Prentice Hall PTR, 2006

is it germane to your usage of linux?

+ Policies, policies, policies

If you are a linux or unix user, then you're probably pretty familiar with the permissions settings on files. It's a basic methodology that is essentially unchanged over 20 years or more of unix development. But its shortcomings have been just as well known to unix experts over that time. What ...

Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions (Hacking Exposed) - 2 reviews
David Endler, Mark Collier

McGraw-Hill Osborne Media, 2006

A great Hacking Exposed and VoIP security book

+ Invaluable VoIP Security Handbook

Hacking Exposed: VoIP (HE:V) is the sort of HE book I like. It's fashionable to think HE books are only suitable for script kiddies who run tools they don't understand against vulnerable services they don't recognize. I like HE books because the good ones explain a technology from a security ...

Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals - 7 reviews
James C. Foster, Stuart McClure

Syngress, 2005

The all in one book

+ Good book
+ unique reference

First thing, I'd like to say this book basically requires a basic knowledge on C/C++, sockets, shellcoding, and basic exploitation techniques. It's not an introduction for the total newbie. Now, if you actually know the basics, this is your book. I actually learned a lot from the sockets and the ...

Hardening Apache - 8 reviews
Tony Mobily

Apress, 2004

An excellent book filling a huge gap

+ Assumes *nix?!
+ super
+ To the point!
+ Your return will exceed the price in a very short time

Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks - 24 reviews
Michal Zalewski

No Starch Press, 2005

A Wonderful Treatment of Network Security

+ Great read
+ Zalewski deals in the minutia
+ Light Face of the Dark Side

Defense and Detection Strategies against Internet Worms - 3 reviews
Jose Nazario

Artech House Publishers, 2003

Fun book on worms? Yes!

+ Excellent
+ The definitive guide to the history and development of worms

(...) It is not very common to see an unusual security book nowadays as many authors cover every subject. However, such sexy subject as worms, did not, in my opinion, receive adequate coverage. This book does fill this important niche effectively! It starts from motivation sections that, if not ...

19 Deadly Sins of Software Security (Security One-off) - 8 reviews
Michael Howard, David LeBlanc, ...

McGraw-Hill Osborne Media, 2005

Required reading for software developers

+ A fast read that addresses serious problems in a decent manner
+ The bug parade
+ A Must Have in your Info Security Library
+ a meta-language view of common problems

Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network - 5 reviews
Michael Gregg

Syngress, 2006

Unique Concept - Good Introduction to Topics

Hack the Stack is a Syngress title that primarily focuses on security topics layer by layer. The book takes a concept most people know, the OSI model, and uses that approach to discuss security exploits, vulnerabilities, and defenses. I liked the concept and the manner in which the material was ...

Secrets and Lies: Digital Security in a Networked World - 125 reviews
Bruce Schneier

Wiley, 2004

Theory of Security

+ Excellent Book
+ A little old but still good
+ A little dated but still essential reading
+ Great Read

Software Security: Building Security In (Addison-Wesley Software Security Series) - 19 reviews
Gary McGraw

Addison-Wesley Professional, 2006

Required residing for all software developers

+ High-level security concepts book.
+ The best secure development lifecycle book
+ Good book for secure software coding !
+ A powerful book with deep truths for secure development

Professional Pen Testing for Web Applications (Programmer to Programmer) - 6 reviews
Andres Andreu

Wrox, 2006

Excellent Book for Security Staff handles Day-to-Day security intrusions

+ Entertaining and educational
+ Smokin Hot Book!
+ An aptly named book on a crucial and modern security topic
+ A "Must Have" for your technical library!

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) (The ... - 43 reviews
Edward Skoudis, Tom Liston

Prentice Hall PTR, 2006

Another winner

+ Excellent book for a broad overview of Computer/Network Security
+ awesome
+ Easy read for terms, too much stuff in some places