There are plenty of free resources out there but I do like to pay for good books. I personally use O'Reilly's Safari for online book reading. I've been using it for a few years now and I really like it. It is nice to be able to use my tablet, phone, or computer to read a book. There is a 10 day free trial and that is what hooked me many years ago. I currently have a 10 book bookshelf and I am able to choose 10 new books a month (if I happen to read all 10 that month...which doesn't happen). I believe I upgraded to the 10 book option as a deal and I got it for $19.99 per month which I feel is a pretty good deal. Here are the books currently on my shelf regarding Information Security.
Currently Reading
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)
On the Bookshelf
The Basics of Digital Forensics
Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7
Digital Forensics with Open Source Tools
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Windows System Programming (4th Edition)
Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level
Windows via C/C++
I believe you can kind of tell by the looks of the books that I'm greatly interested in Forensics but I'm also interested in Malware Analysis, Pen Testing....more of the engineering side of things. It amazes me how smart folks out there can find exploits in systems, it makes me want to learn more.
The issue I have is TIME. Having a full time system admin job always requires me to continue learning and keeping up with that part of the industry. Then when I get home I usually have school work to do although this semester is very helpful because it is a C Programming class. Speaking of, C Programming - A Modern Approach is the book we are using for class. It is a good book so far but since it is geared towards being a school text it is expensive. Back on the topic of time, I also have a family I love spending time with and also try to have some type of social life. That leaves late nights for my InfoSec stuff but I'm trying to do as much as I can right now.
I've seen quite a few books recommended out on different InfoSec blogs and sites, here are a few of them. I haven't read any of these but I'm hoping some are available through O'Reilly so I can check them out.
TaoSecurity seems to do a review on the best books every year. I haven't read any of these yet but I will be putting some of them on my list.
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Crimeware: Understanding New Attacks and Defenses
Security Engineering: A Guide to Building Dependable Distributed Systems
Hacking Exposed Series
The Giant Black Book of Computer Viruses
The Mac Hacker's Handbook
The New School of Information Security
Cryptography Engineering
If anyone reading this has read any of these books and can give a recommendation or not that would be great.
No comments:
Post a Comment