[unisog] Network security textbooks

Jordan Wiens jwiens at nersp.nerdc.ufl.edu
Mon Nov 10 14:35:34 GMT 2003


On Fri, 7 Nov 2003, David Opitz wrote:

> Does anyone have any suggestions for a good network security textbook?
> How about one of the books by William Stallings?  Or "Computer Security"
> by Bishop?  Or "Firewalls and Internet Security  2nd Edition" by
> Checkwick, Bellovin, and Rubin?  Or something from the "Hacking Exposed"
> series?  What else can combine theory and practice?

I'd actually sugest using one of the CISSP or other security coursework
review books.  It might not be your only textbook, but it would do a great
job of covering all the relevant topics and you can go into as much or as
little detail from each section as you like.  Plus, there are all sorts of
sample tests and questions in most books, so you can use those for
'homework' if you like.  For 'real world' examples, you could either use
the Hacking Exposed, or other books that do a better job of a more-hands
on approach, or supplement the head knowledge with labs like the ones
below.

> Also, I'd like to hear if anyone has good ideas for practical,
> real-world, hands-on lab assignments or homework assignments.  This is a
> bit tricky, since I don't want anyone to "accidentally" hack into
> something real, or mistakenly send out a virus email.

Potential lab assignments:

	o Perform forensic analysis on a honeynet image.
	o Hack a 'live' unpatched demo system on an isolated localnet.
	o Have other students set up, configure, and run an IDS monitoring
the above-mentioned hack and have them try to detect and/or stop the
attack at the network level.
	o For application security, have them learn to hack with webgoat:
http://www.owasp.org/development/webgoat

Sounds like a fun task, good luck with it, let us know how the class goes.

-- 
Jordan Wiens, CISSP
UF Network Incident Response Team
(352)392-2061




More information about the unisog mailing list