|
General IT & Information Security
|
|
Practical Unix & Internet Security, 3rd Edition
by Gene Spafford, Simson Garfinkel, Alan Schwartz
|
|
Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition
by Ross J. Anderson
|
|
Building Internet Firewalls (2nd Edition)
by Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman
|
|
Secure Coding: Principles and Practices
by Mark G. Graff, Kenneth R. Van Wyk
|
|
Mastering FreeBSD and OpenBSD Security
by Yanek Korff, Paco Hope, Bruce Potter
|
|
Security Warrior
by Cyrus Peikari, Anton Chuvakin
|
|
Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems
by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Frederick, Ronald W. Ritchey
|
|
CISSP (Certified Information Systems Security Professional) All-in-One Exam Guide, 3rd Edition
by Shon Harris
|
|
Official (ISC)2 Guide to the SSCP CBK
by Diana-Lynn Contesti, Douglas Andre, Eric Waxvik, Paul A. Henry, Bonnie A. Goins
Note: do not read this book without having read the Shon Harris book (see above)
|
|
Buffer Overflow Attacks
by James C. Foster, Vitaly Osipov, Nish Bhalla
|
|
Botnets: The Killer Web Applications
by Craig Schiller, Jim Binkley
|
|
Linux Firewalls
by Andreas G. Lessig
As a LaTeX version: O'Reilly Open Book.
|
|
Das Firewall Buch
by Wolfgang Barth
|
|
Essential PHP Security
by Chris Shiflett
|
|
Secrets and Lies: Digital Security in a Networked World
by Bruce Schneier
|
|
The Art of Deception: Controlling the Human Element of Security
by Kevin D. Mitnick, William L. Simon, Steve Wozniak
Make sure you read the original first chapter and about the rumors surrounding it.
You might also be interested in Mitnick's testimony before the U.S. Congress.
|
|
The Myths of Security: What the Computer Security Industry Doesn't Want You to Know
by John Viega
|
|
Hacking: The Next Generation
by Nitesh Dhanjani, Billy Rios, and Brett Hardin
|
|
Information Security Management
|
|
Information Security Management Handbook, Sixth Edition
by Harold F. Tipton, Micki Krause
Note: OK, this 3280-pager, I have to admit, is the only book in this list that I have not (yet) read cover to cover :-)
|
|
The Security Risk Assessment Handbook
by Douglas J. Landoll
|
|
The New School of Information Security
by Adam Shostack, Andrew Stewart
|
|
Security Metrics: Replacing Fear, Uncertainty, and Doubt
by Andrew Jaquith
|
|
The Failure of Risk Management: Why It's Broken and How to Fix It
by Douglas W. Hubbard
|
|
How to Measure Anything: Finding the Value of Intangibles in Business
by Douglas W. Hubbard
|
|
The Flaw of Averages: Why We Underestimate Risk in the Face of Uncertainty
by Sam L. Savage
|
|
Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI
by Debra S. Herrmann
|
|
Assessing and Managing Security Risk in IT Systems: A Structured Methodology
by John McCumber
|
|
Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
by Thomas R. Peltier
|
|
Information Security Risk Analysis, Second Edition
by Thomas R. Peltier
|
|
Network Security Assessment
by Chris McNab
|
|
Writing Information Security Policies
by Scott Barman
|
|
The Black Swan: The Impact of the Highly Improbable
by Nassim Nicholas Taleb
|
|
Incident Response, Intrusion Detection & Forensics
|
|
Incident Response: A Strategic Guide to Handling System and Network Security Breaches
by Eugene Schultz and Russell Shumway
|
|
Network Intrusion Detection (3rd Edition)
by Stephen Northcutt, Judy Novak
|
|
Intrusion Signatures and Analysis
by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick
|
|
Forensic Discovery
by Dan Farmer, Wietse Venema
Freely available at http://www.porcupine.org/forensics/forensic-discovery/.
|
|
Managing Security with Snort and IDS Tools
by Christopher Gerg, Kerry J. Cox
|
|
Rootkits: Subverting the Windows Kernel
by Greg Hoglund, Jamie Butler
|
|
Cryptography
|
|
Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition
by Bruce Schneier
|
|
Network Administration
|
|
TCP/IP Illustrated, Volume 1
by W. Richard Stevens
|
|
IP Routing
by Ravi Malhotra
|
|
Linux Network Administrator's Guide (2nd Edition)
by Olaf Kirch, Terry Dawson
In PDF, HTML or other formats: The Linux Documentation Project.
In German as an O'Reilly Open Book.
|
|
Switching to VoIP
by Theodore Wallingford
|
|
Linux/UNIX System Administration
|
|
qmail
by John R. Levine
|
|
Postfix: The Definitive Guide
by Kyle D. Dent
|
|
SpamAssassin
by Alan Schwartz
|
|
LDAP System Administration
by Gerald Carter
|
|
SSH, The Secure Shell: The Definitive Guide
by Daniel J. Barrett, Richard Silverman
|
|
DNS and BIND, Fourth Edition
by Cricket Liu, Paul Albitz
|
|
UNIX Backup and Recovery
by W. Curtis Preston
|
|
Essential System Administration, Third Edition
by AEleen Frisch
|
|
The Complete FreeBSD, 4th Edition
Freely available at http://www.lemis.com/grog/Documentation/CFBSD/.
|
|
Solaris 10 Advanced User's Guide
Freely available at http://docs.sun.com/app/docs/prod/solaris.10.
|
|
Solaris 10 System Administration Guide: Basic Administration
Freely available at http://docs.sun.com/app/docs/prod/solaris.10.
|
|
Running Linux, Fourth Edition
by Matt Welsh, Lar Kaufman, Matthias Kalle Dalheimer, Terry Dawson
In German, in its 3rd edition, as an O'Reilly Open Book.
|
|
Linux System Administration, Second Edition (Craig Hunt Linux Library)
by Vicki Stanfield, Roderick W. Smith
|
|
Learning the vi Editor (6th Edition)
by Arnold Robbins, Linda Lamb
|
|
Learning the bash Shell, 2nd Edition
by Bill Rosenblatt, Cameron Newham
|
|
Learning Perl, Fourth Edition
by Randal Schwartz, Tom Phoenix, Brian Foy
|
|
Learning the UNIX Operating System, Fifth Edition
by Jerry Peek, Grace Todino-Gonguet, John Strang
|
|
Windows System Administration
|
|
Microsoft Windows 2000 Server Administrator's Companion, Second Edition
by Charlie Russel, Sharon Crawford, Jason Gerend
|
|
Programming/Software Development
|
|
Beginning Java 2
by Ivor Horton
|
|
Thinking in Java (3rd Edition)
by Bruce Eckel
This book is available for download at mindview.net.
Personal note: that's how I learned programming and understood the OO concept - it's my bible!
|
|
JavaServer Pages, 3rd Edition
by Hans Bergsten
|
|
Web Application Development with PHP 4.0 (with CD-ROM)
by Tobias Ratschiller, Till Gerken
Note: this one is really outdated by now
|
|
JavaScript: The Definitive Guide
by David Flanagan
|
|
Ajax in Action
by Dave Crane, Eric Pascarello, Darren James
|
|
Open Source Development with CVS, 3rd Edition
by Moshe Bar, Karl Fogel
In PDF, HTML or other formats (also in German): cvsbook.red-bean.com.
|
|
The C Programming Language, 2nd Edition
by Brian W. Kernighan, Dennis M. Ritchie
|
|
Professional Assembly Language
by Richard Blum
|
|
Data Modeling & Databases
|
|
Data Modeling Essentials, Third Edition
by Graeme Simsion, Graham Witt
|
|
MySQL, Second Edition
by Paul DuBois
|
|
Oracle9i: The Complete Reference
by Kevin Loney, George Koch, Tusc
|
|
Oracle9i PL/SQL Programming
by Scott Urman
|
|
Legal
This section only lists books that are also appropriate for laypersons.
|
|
U.S. Data Breach Notification Law: State by State
by John P. Hutchins et al.
|
|
A Guide to HIPAA Security and the Law
by Stephen S. Wu (Editor)
|
|
Critical Information Infrastructure Protection and the Law: An Overview of Key Issues
by Stewart D. Personick & Cynthia A. Patterson (Editors)
|
|
Information Security Law: The Emerging Standard for Corporate Compliance
by Thomas J. Smedinghoff
|
|
FISMA Certification & Accreditation Handbook
by Laura Taylor
|
|
Sarbanes-Oxley Guide for Finance and Information Technology Professionals
by Sanjay Anand
|
|
GigaLaw Guide to Internet Law
by Doug Isenberg
Great introduction to US Internet law - from intellectual property rights to the First Amendment!
|
|
Digital Copyright
by Jessica Litman
|
|
Open Source Licensing: Software Freedom and Intellectual Property Law
by Lawrence Rosen
|
|
A Practical Guide to Software Licensing for Licensees and Licensors
by H. Ward Classen
|
|
Breaking the Vicious Circle: Toward Effective Risk Regulation
by Stephen Breyer
|
|
Economics of IT & Information Security
|
|
Information Rules: A Strategic Guide to the Network Economy
by Carl Shapiro and Hal R. Varian
|
|
The Economic Structure of Intellectual Property Law
by William M. Landes and Richard A. Posner
|
|
The Economics of Information Technology: An Introduction
by Hal R. Varian, Joseph Farrell, and Carl Shapiro
|
|
Geekonomics: The Real Cost of Insecure Software
by David Rice
|
|
Managing Information Risk and the Economics of Security
by M. Eric Johnson
|
|
Economics of Information Security
by L. Jean Camp and Stephen Lewis (editors)
|
|
The Law and Economics of Cybersecurity
by Mark F. Grady and Francesco Parisi
|
|
IT, Security, Privacy & Society
|
|
Schneier on Security
by Bruce Schneier
|
|
Beyond Fear
by Bruce Schneier
|
|
Nothing to Hide: The False Tradeoff between Privacy and Security
by Daniel J. Solove
|
|
The Digital Person: Technology and Privacy in the Information Age
by Daniel J. Solove
|
|
Understanding Privacy
by Daniel J. Solove
|
|
Privacy in Context: Technology, Policy, and the Integrity of Social Life
by Helen Fay Nissenbaum
|
|
Legislating Privacy: Technology, Social Values, and Public Policy
by Priscilla M. Regan
|
|
Database Nation: The Death of Privacy in the 21st Century
by Simson Garfinkel
|
|
Das Ende der Privatsphäre
by Peter Schaar
|
|
Full Disclosure: The Perils and Promise of Transparency
by Archon Fung, Mary Graham, and David Weil
|
|
The Wealth of Networks: How Social Production Transforms Markets and Freedom
by Yochai Benkler
|
|
Internet Architecture and Innovation
by Barbara Van Schewick
|
|
Code: And Other Laws of Cyberspace, Version 2.0
by Lawrence Lessig
|
|
Free Culture: The Nature and Future of Creativity
by Lawrence Lessig
|
|
The Future of Ideas: The Fate of the Commons in a Connected World
by Lawrence Lessig
|
|
Remix: Making Art and Commerce Thrive in the Hybrid Economy
by Lawrence Lessig
|
|
Here Comes Everybody: The Power of Organizing Without Organizations
by Clay Shirky
|
|
Freedom of Expression: Resistance and Repression in the Age of Intellectual Property
by Kembrew McLeod
|
|
The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary
by Eric S. Raymond
|
|
Who Controls the Internet?: Illusions of a Borderless World
by Jack Goldsmith and Tim Wu
|
|
The Future of the Internet--And How to Stop It
by Jonathan Zittrain
|
|
Access Denied: The Practice and Policy of Global Internet Filtering
by Ronald J. Deibert, John G. Palfrey, Rafal Rohozinski, and Jonathan Zittrain
|
|
IT & National Security
|
|
Cyberpower and National Security
by Franklin D. Kramer, Stuart H. Starr, and Larry Wentz (Editors)
|
|
Cyber War: The Next Threat to National Security and What to Do About It
by Richard A. Clarke and Robert Knake
|
|
IT Security Culture
|
|
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
by Cliff Stoll
|
|
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
by Kevin D. Mitnick and William L. Simon
|