The all-new switch book : the complete guide to LAN switching technology / Rich Seifert, Jim Edwards, Wiley, 2008
If you think Ethernet hubs and switches are simple, you need to do some reading in this well-written book. Topics include link congestion, security, source routing, and Virtual LANs (VLANs). 750 pages, hardcover.
Change your career. Computer network security as your new profession / Troy McMillan, Kaplan, 2007
If your cheese has been moved, and you are thinking of working in the security field, this is a useful book for planning the change. 200 pages of common sense, easy reading.
Managing the human factor in information security : how to win over staff and influence business managers / David Lacey, Wiley, 2009
Here is a really useful book for the IT admin in charge of security. Attackers con insiders too easily, and we need to counter the problem with the help of all employees. “I’m really interested in reading this book and, frankly, once it’s published, I’ll be one of the first to buy it.” — Dr. Eugene Schultz
Essential PHP security / Chris Shiflett, O’Reilly, 2006
This slim 100-page book is required reading for all PHP programmers (that’s all of us, isn’t it?).
Creating the secure managed desktop : using Group Policy, SoftGrid, Microsoft Deployment Toolkit, and other management tools / Jeremy Moskowitz, Wiley, 2008
Here are 700 pages of very readable guidance on managing workstations in a business environment.
Security and Usability : Designing Secure Systems That People Can Use / Simson Garfinkel, O’Reilly, 2005
System designers will want to read this. 714 pages.
Linux firewalls : attack detection and response with iptables, psad, and fwsnort / by Michael Rash, No Starch Press, 2007
Here is a good introduction to iptables and related tools, with script examples. Make good use of this book, and there is a good chance you and your company will never get hacked.
Security data visualization : graphical techniques for network analysis / Greg Conti, No Starch Press, 2007
How do you analyze the logs from your firewalls, IDSs, and web servers? They are large, and many people don’t have time to even peek at them. This book discusses ways to use graphical tools to display patterns gleaned from the logs so you can visualize the problem. Several open source projects are discussed.
The new school of information security / Adam Shostack, Addison-Wesley, 2008, hard cover
The economics of security. This is not a large book, but it is very readable and full of insight, suggesting a new approach to security. One of the best books I have read this year.
Professional rootkits / Ric Vieler. Wiley, 2007.
A programmer’s book on writing rootkits for Windows. Here are lots of details on how to hack someone’s machine, though minimal discussion of virtualization. Written by an ‘Ethical Hacker’, this book will be useful to security pros who need to harden systems or reverse-engineer malware. Unfortunately, it might be quite useful to blackhats.