Unlike information technology domains in which anything between book covers is suspected of being obsolete, security is a discipline in which seasoned experience still has value. Three titles released this year offer different approaches to meet different needs.
"Security in Computing"
Charles and Shari Pfleeger; Prentice Hall PTR; $79
Now in its third edition, "Security in Computing" by Charles and Shari Pfleeger is a comprehensive textbook, including end-of-chapter exercises that make it suitable for training as well as for self-education and reference.
This update to the 1997 edition includes substantial new material on network security and restructures encryption material to separate theoretical discussion from everyday applications. Wherever we open this book, we find ourselves immediately drawn into its clear (but not dumbed-down) presentation.
"Hacking Linux Exposed"
Brian Hatch and James Lee; McGraw Hill/Osborne; $49.99
For those whose primary interest is the mechanics of attack and defense, the second edition of "Hacking Linux Exposed" by Brian Hatch and James Lee offers a structured treatment that covers external, local-user and server attacks. It also provides valuable guidance on post-attack follow-up, an oft-neglected topic. Even non-Linux sites will benefit from this treatment, which delves into the mechanisms of attack right down to the (open) source code.
Bruce Potter and Bob Fleck; OReilly & Associates; $34.95
With wireless networks the fastest-growing IT vulnerability, Bruce Potter and Bob Fleck are timely in offering their text, "802.11 Security."
Beginning with just the basics of how 802.11 works, followed by an overview of attack types, the authors quickly dive into specifics of securing Windows, Mac OS X, Linux, FreeBSD, and OpenBSD stations and gateways. With many users adopting wireless without regard for corporate policy, it borders on negligence not to have this information at hand.