Books about Security

• ICSA Library - Recommended reading
  Cryptography, Malicious Code / Computer Viruses, Network Security.
  By ICSA Labs.
• CERT Sources: Security Books and Articles
  By Computer Emergency Response Team (CERT).
• Hideaway.Net: Security Books
  General security, Firewalls, Java, Non-technical, Linux, Windows 2000/NT.
  By Hideaway.Net.
• Security Books
  Recommendations of the System and Network Security Team, University of Campinas (UNICAMP), Brazil.

Information Security

• Information Security Management Handbook (3280 p.)
  Authors: Harold F. Tipton; Micki Krause / Publisher: Auerbach, 6th Edition, May 2007 / ISBN-13: 9780849374951.
  Volume 2, 456 p., March 2008, ISBN-13: 9781420067088.
  2008 CD-ROM Edition, April 2008, ISBN-13: 9781420066982.

Network Security Concepts

• Network Security Essentials: Applications and Standards (432 p.)
  Author: William Stallings / Publisher: Prentice Hall, 2nd Edition, November 2002 / ISBN: 0-13-035128-8.
  Prentice Hall Companion Website for Books by William Stallings at Prentice Hall.
  Forthcoming 3rd Edition: ISBN 0-13-238033-1, July 2006.
  Instructor's Resource CD-ROM, 2/E, ISBN 0-13-046140-7.
  William Stallings site for the First Edition, ISBN 0130160938.
• Cryptography and Network Security: Principles and Practice (592 p.)
  Autor: William Stallings / Publisher: Prentice Hall, 4th Edition, December 2005 / ISBN: 0-13-187316-4.
  Revised Instructor's Resource CD-ROM, 3/E, ISBN 0-13-141677-4.
• Network Security: Private Communication in a Public World (752 p.)
  Authors: Kaufman, Charlie; Perlman, Radia; Speciner, Mike / Publisher: Prentice Hall PTR, 2nd edition, April 2002 / ISBN: 0130460192.
  Prentice Hall PTR Author Supplements for Network Security book: Errata, reader comments, updates, more information.
  With good coverage on cryptograpghy fundamentals, the book was updated on its second edition to cover current technologies, standards and applications on network security.
• Fundamentals of Network Security (380 p.)
  Author: Canavan, John E. / Publisher: Artech House, 2001 / ISBN: 1580531768.
• Secrets and Lies: Digital Security in a Networked World (448 p.)
  Author: Bruce Schneier / Publisher: John Wiley & Sons, January 2004 / ISBN: 978-0-471-45380-2 (paperback), 0471253111 (hardcover, 2000, out of print).

Network Security Practical Aspects

• The CERT Guide to System and Network Security Practices (480 p.)
  Author: Julia H. Allen / Publisher: Addison-Wesley, 2001 / ISBN: 0-201-73723-X.
  CERT Security Improvement Modules.
• Process of Network Security: Designing and Managing a Safe Network (304 p.)
  Author: Wadlow, Thomas / Publisher: Addison-Wesley, 2000 / ISBN: 0201433176.
• Practical Unix and Internet Security (1000 p.)
  Authors: Simson Garfinkel; Gene Spafford; Alan Schwartz / Publisher: O'Reilly Media, 3rd Edition, February 2003 / ISBN: 0-596-00323-4.
  After years of waiting (2nd Edition was at 1996), here is the updated new version, with the contribution of a new author, Alan Schwartz.
• Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit (914 p. w/CD)
  Author: John Chirillo / Publisher: Wiley, 2nd Edition, August 2002 / ISBN: 0-471-23282-3.
  The books include TigerTools security software (full single licence). Other Books by John Chirillo:
  • Hack Attacks Testing: How to Conduct Your Own Security Audit (540 p. w/CD)
    Author: John Chirillo / Publisher: Wiley, February 2003 / ISBN: 0-471-22946-6.
  • Hack Attacks Denied: A Complete Guide to Network Lockdown for UNIX, Windows, and Linux (689 p. w/CD)
    Author: John Chirillo / Publisher: Wiley, 2nd Edition, September 2002 / ISBN: 0-471-23283-1.
  • Hack Attacks Encyclopedia: A Complete History of Hacks, Cracks, Phreaks, and Spies Over Time (960 p.)
    Author: John Chirillo / Publisher: Wiley, August 2001 / ISBN: 0-471-05589-1.
• Hacking Exposed: Network Security Secrets & Solutions (784 p.)
  Authors: McClure, Stuart; Scambray, Joel; Kurtz, George / Publisher: Osborne McGraw-Hill, 4th edition, February 2003 / ISBN: 0-07-222742-7.
  
  • Hacking Linux Exposed (712 p.)
    Authors: Brian Hatch, James Lee / Publisher: Osborne McGraw-Hill, 2nd edition, December 2002 / ISBN: 0-07-222564-5.
  • Hacking Exposed Windows 2000 (538 p.)
    Authors: Joel Scambray, Stuart McClure / Publisher: Osborne McGraw-Hill, August 2001 / ISBN: 0-07-219262-3.
• Maximum Security (976 p. w/CD)
  Author: anonymous et. al. / Publisher: Sams (Pearson Technology Group), 4th edition, May 2001 / ISBN: 0672324598.
  Maximum Security, Third Edition - Safari Tech Books Online: Preview the Full Book.
  
  • Maximum MaxOS X Security (768 p.)
    Authors: John Ray; Will Ray / Publisher: Sams, May 2003 / ISBN: 0672323818.
  • Maximum Wireless Security (408 p. w/CD)
    Authors: Cyrus Peikari; Seth Fogie / Publisher: Sams, December 2002 / ISBN: 0672324881.
  • Maximum Apache Security (696 p. w/CD)
    Author: anonymous / Publisher: Sams, May 2002 / ISBN: 067232380X.
  • Maximum Windows 2000 Security (624 p.)
    Authors: Mark Burnett; L. J. Locher; Chris Doyle; Chris Amaris; Rand Morimoto / Publisher: Sams, December 2001 / ISBN: 0672319659.
• Web Security, Privacy & Commerce (786 p.)
  Authors: Simson Garfinkel; Gene Spafford / Publisher: O'Reilly Media, 2nd Edition, November 2001 / ISBN: 0-596-00045-6.
• Innocent Code: A Security Wake-Up Call for Web Programmers (246 p.)
  Author: Sverre H. Huseby / Publisher: Wiley, March 2004 / ISBN: 978-0-470-85744-1.

Application Security

• The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (768 p.)
  Authors: Dafydd Stuttard; Marcus Pinto / Publisher: John Wiley & Sons, October 2007 / ISBN: 978-0-470-17077-9.
  Web App Hacker's Handbook 2nd Edition - Preview.
• Security Engineering: A Guide to Building Dependable Distributed Systems (1080 p.)
  Author: Ross J. Anderson / Publisher: John Wiley & Sons, 2nd edition, April 2008 / ISBN: 978-0-470-06852-6.
• Hacking Exposed: Web Applications (482 p.)
  Authors: Joel Scambray; Vincent Liu; Caleb Sima / Publisher: McGraw-Hill Osborne, 3rd edition, October 2010 / ISBN: 978-007174064-7.
• Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast (320 p.)
  Authors: Paco Hope; Ben Walther / Publisher: O'Reilly Media, October 2008 / ISBN: 978-0-596-51483-9.
  Google Books: Web Security Testing Cookbook.
• Writing Secure Code (798 p.)
  Authors: Michael Howard; David LeBlanc / Publisher: Microsoft Press, 2nd edition, December 2002 / ISBN: 9780735617223.
• Web 2.0 Security: Defending Ajax, RIA, and SOA (384 p.)
  Author: Shreeraj Shah / Publisher: Charles River Media, December 2007 / ISBN: 9781584505501.
• Developer's Guide to Web Application Security (500 p.)
  Author: Michael Cross (Computer Forensic Analyst with the Niagara Regional Police Service, Canada) / Publisher: Syngress, February 2007 / ISBN: 978-1-59749-061-0.

Cryptography

• Practical Cryptography (416 p.)
  Authors: Niels Ferguson; Bruce Schneier / Publisher: Wiley, April 2003 / ISBN: 0-471-22357-3 (paperback), 0-471-22894-X (hardcover).
• Applied Cryptography: Protocols, Algorithms and Source Code in C (758 p.)
  Author: Schneier, Bruce / Publisher: John Wiley, 2nd Edition, 1996 / ISBN: 0471128457 (paperback), 0471117099 (hardcover).
  Tal Cohen's Bookshelf review.
• Cryptography Theory and Practice (816 p.)
  Author: Doug Stinson / Publisher: CRC Press, 3rd edition, November 2005 / ISBN: 1584885084.
  Course CS 758: Cryptography / Network Security, by prof. Doug Stinson, University of Waterloo, Ontario, Canada.
• Handbook of Applied Cryptography (616 p.)
  Authors: Alfred J. Menezes; Paul C. van Oorschot; Scott A. Vanstone / Publisher: CRC Press, October 1996 (Fifth Printing, August 2001) / ISBN: 0-8493-8523-7.
  All book chapters are available as free download in PDF and PS formats, for personal use only.
• The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography (410 p.)
  Author: Simon Singh / Publisher: Anchor Books, August 2000 / ISBN: 0385495323.
  Simon Singh's Crypto Corner.
• Classical Cryptography Course: Volume 1 (301 p.)
  Author: Randall K. Nichols / Publisher: Aegean Park Press, November 1998 / ISBN: 0894122630.
  Aegean Park Press: Publisher of texts on Cryptography, Cryptanalysis, Intelligence, and more.
• Classical Cryptography Course: Volume 2 (452 p.)
  Author: Randall K. Nichols / Publisher: Aegean Park Press, November 1998 / ISBN: 0894122649.

Firewalls

• Building Internet Firewalls (890 p.)
  Authors: Elizabeth D. Zwicky; Simon Cooper; D. Brent Chapman / Publisher: O'Reilly Media, 2nd Edition, 2000 / ISBN: 1565928717.
• Firewalls and Internet Security: Repelling the Wily Hacker (464 p.)
  Authors: William R. Cheswick; Steven M. Bellovin; Aviel D. Rubin / Publisher: Addison Wesley Professional, 2/E, February 2003 / ISBN: 0-201-63466-X.
  Bill Cheswick personal info.
• Firewalls: A Complete Guide (708 p.)
  Author: Marcus Gonçalves / Publisher: McGraw-Hill, 2000 / ISBN: 0071356398.
• Firewalls 24seven (496 p.)
  Authors: Matthew Strebe; Charles L. Perkins / Publisher: Sybex, 1999 / ISBN: 0782125298.