I receive a lot of requests from Geek With Laptop readers, some of my friends and also co-workers for resources that I use in my various talks and presentations on Information Technology Security.
So with that in mind, I figured with the amount of requests I’ve received recently, why not do a post on it?
Below are many books, websites and other resources that will help you get started in IT security:
Recommended Reading
- CISSP All-in-One Exam Guide by Shon Harris
- TCP/IP Illustrated by Richard Stevens
- Building Internet Firewalls by Elizabeth Zwicky
- Securing Windows NT/2000 Servers for the Internet by Stefan Norberg
- Hardening Windows Systems by Roberta Bragg
Recommended Tools
- WireShark – Examine packets (use with “TCP/IP Illustrated”, above)
- Superscan – Powerful TCP port scanner, pinger, resolver.
- Nessus and/or Nmap – Vulnerability scanners
Additional Tools
- Sysinternals – Variety of utilities
- PGP – Encryption, documentation is highly recommended, basically a primer on encryption.
Regulations and Standards
Vulnerability Lists
Local Chapter Organizations
Training Organizations
Some of you might be thinking to yourself “Good grief Sean! That’s a huge list of resources and information!” and yes, you’d be correct.
I thought you might want a little light reading for the weekend.
While the above list is by no means comprehensive, it should serve to give you some idea of the sorts of things involved with Information Technology Security.
Constructive comments, suggestions and additions are always welcome.
