This section describes a number of books that are useful as references or for further understanding of particular topics.
Cheswick, Bill and Steve Bellovin. Firewalls and Internet Security . Reading, MA : Addison-Wesley, 1994. ISBN 0-201-63357-4.
This was the first book published on firewalls, describing the authors' experiences building a series of firewalls for AT&T Bell Labs. The book tends to be good on theory and background, but weak on implementation details; it tells you how they build firewalls, but you probably can't duplicate their tools and methods without the same kind of backing they have ( AT&T Bell Labs). Even so, it's a classic in the field.
Comer, Douglas E. Internetworking with TCP/IP . Second Edition. Englewood Cliffs, NJ : Prentice Hall, 1991. ISBN 0-13-468505-9.
This book provides a good introduction to the nuts and bolts of TCP/IP networking. It discusses the basics about what packets look like and how routing works, etc. It also includes an introduction to some of the higher-level protocols such as SMTP and FTP .
Garfinkel, Simson. PGP : Pretty Good Privacy , Sebastopol, CA : O'Reilly & Associates, 1995, ISBN 1-56592-098-8.
This is an excellent guide to the very popular program, PGP , which lets you encrypt and apply digital signatures to your messages. In addition to technical details, it contains the fascinating, behind-the-scenes stories of Phil Zimmermann's development of PGP , electronic privacy, and cryptography export and patents in the United States.
Garfinkel, Simson and Gene Spafford. Practical UNIX and Internet Security . Second Edition. Sebastopol, CA : O'Reilly & Associates, 1996. ISBN 1-56592-148-8.
This is a very good guide to UNIX host security. Simson Garfinkel is also the author of PGP : Pretty Good Privacy . Gene Spafford is now one of the principals of the COAST project at Purdue University (see references to COAST above).
Hunt, Craig. TCP/IP Network Administration . Sebastopol, CA : O'Reilly & Associates, 1992. ISBN 0-937175-82-X.
This book is an excellent system administrator's overview of TCP/IP networking (with a focus on UNIX systems), and a very useful reference to major UNIX networking services and tools such as BIND (the standard UNIX DNS server) and Sendmail (the standard UNIX SMTP server). Our Appendix C, TCP/IP Fundamentals , which talks about the underlying TCP/IP protocols, is adapted from the first two chapters of this book.
Liu, Cricket, Jerry Peek, Russ Jones, Bryan Buus, and Adrian Nye. Managing Internet Information Services , Sebastopol, MA : O'Reilly & Associates, 1994. ISBN 1-56592-062-7.
This is an excellent guide to setting up and managing Internet services such as the World Wide Web, FTP , Gopher, and more, including discussions of the security implications of these services.
Nemeth, Evi, Garth Snyder, Scott Seebass, and Trent R. Hein. UNIX System Administration Handbook . Second Edition. Englewood Cliffs, NJ : Prentice Hall , 1995. ISBN 0-13-151051-7.
This is the standard reference guide to practical UNIX system administration issues. It includes good, real-world coverage of thorny issues like backups. It also includes a CD-ROM full of tools for UNIX system administrators.
Schneier, Bruce. Applied Cryptography . New York: John Wiley & Sons, 1994. ISBN 0-471-59756-2.
This is an extremely comprehensive book about cryptography algorithms and techniques. It covers the Data Encryption Standard, the RSA algorithm, and all of the other private and public key algorithms, with mathematical details for all of them. Source code is available.
Stallings, William. Network and Internetwork Security . Englewood Cliffs, NJ : Prentice Hall, 1995. ISBN 0-02-415483-0.
This is a good academic text on network and internetwork protocols, standards, and security features. It covers a variety of encryption products and standards, as well as the underpinnings of network architectures.
Stevens, Richard W. TCP/IP Illustrated, Volume 1: The Protocols . Reading, MA : Addison-Wesley, 1994. ISBN 0-201-63346-9.
This is a good guide to the nuts and bolts of TCP/IP networking. Its main strength is that it provides traces of the packets going back and forth as the protocols are actually in use, and uses this to illustrate the discussions of the protocols.
Stoll, Cliff. The Cuckoo's Egg . Garden City, NJ : Doubleday, 1989. ISBN 0-671726889.
This is a fascinating true story about a hunt for crackers on the Internet. It gives you an appreciation of the time and effort it takes to track an attack against your site, and it also includes a good chocolate chip cookie recipe.