[unisog] Network security textbooks
chmorl at wm.edu
Sat Nov 8 02:55:57 GMT 2003
The basic theory does not change much. I've found the following very
helpful (pretty technical -- and unfortunately pretty expensive):
Network Security: Private Communication in a Public World, 2nd Edition
Charlie Kaufman, Radia Perlman, Mike Speciner
Prentice Hall, 2002
The practical side? Now that's a moving target...
College of William and Mary
Information Technology - Network Engineering
Jones Hall (Room 18)
Williamsburg VA 23187
chmorl at wm.edu
On Fri, 7 Nov 2003, David Opitz wrote:
> Hi UNISOG!
> I am a Security Analyst, probably like many people on this email list. I have an opportunity to teach a Computer Science course in Network Security, and I'm looking for advice on a good textbook (along with good homework problems). This class could be either for new graduate students, or upper level undergrads. I have an idea of what I would cover in this class, starting with the theory of stuff like crypto (symmetric encryption, asymmetric encryption, hashes, PKI, authentication techniques) and security protocols (SSL, IPsec, SSH, Kerberos). These are the pieces you can use when designing a secure network.
> Then I would like to go into practical things - stuff that we all deal with on a daily basis, like buffer overflows, port scanning, vulnerability scanning, DOS attacks, how to use network firewalls and personal firewalls, auditing, intrusion detection, PGP, locking down a host (Windows or Linux), router security, honeypots, patching, and maybe even traffic shaping.
> I can find lots of book on the theory. I can also find lots of books on practical security or on hacking. But I haven't yet found one good textbook that covers both. One difficulty is that the practical side advances so quickly that books quickly become dated. Options include using two books, or just one book and supplement it with on-line articles.
> Does anyone have any suggestions for a good network security textbook? How about one of the books by William Stallings? Or "Computer Security" by Bishop? Or "Firewalls and Internet Security 2nd Edition" by Checkwick, Bellovin, and Rubin? Or something from the "Hacking Exposed" series? What else can combine theory and practice?
> Also, I'd like to hear if anyone has good ideas for practical, real-world, hands-on lab assignments or homework assignments. This is a bit tricky, since I don't want anyone to "accidentally" hack into something real, or mistakenly send out a virus email.
> Dave Opitz
> Security Analyst - Tech Services
> Loyola College in Maryland
More information about the unisog