

Favorite (IT-)Books


Sections

 - General IT & Information Security (18)
 - Information Security Management (8)
 - Incident Response, Intrusion Detection & Forensics (6)
 - Cryptography (1)
 - Network Administration (4)
 - Linux/UNIX System Administration (17)
 - Windows System Administration (1)
 - Programming/Software Development (9)
 - Data Modeling & Databases (4)
 - Legal (7)
 - Economics of IT & Information Security (3)
 - IT, Security, Privacy & Society (7)
 - IT Security Culture (2)



General IT & Information Security

Practical Unix & Internet Security, 3rd Edition
by Gene Spafford, Simson Garfinkel, Alan Schwartz
Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition
by Ross J. Anderson
Building Internet Firewalls (2nd Edition)
by Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman
Secure Coding: Principles and Practices
by Mark G. Graff, Kenneth R. Van Wyk
Mastering FreeBSD and OpenBSD Security
by Yanek Korff, Paco Hope, Bruce Potter
Security Warrior
by Cyrus Peikari, Anton Chuvakin
Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems
by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey
CISSP (Certified Information Systems Security Professional) All-in-One Exam Guide, 3rd Edition
by Shon Harris
Official (ISC)2 Guide to the SSCP CBK
by Diana-Lynn Contesti, Douglas Andre, Eric Waxvik, Paul A. Henry, Bonnie A. Goins

Note: do not read this book without having read the Shon Harris book (see above)
Buffer Overflow Attacks
by James C. Foster, Vitaly Osipov, Nish Bhalla
Botnets: The Killer Web Applications
by Craig Schiller, Jim Binkley
Linux Firewalls
by Andreas G. Lessig
As a LaTeX version: O'Reilly Open Book.
Das Firewall Buch
by Wolfgang Barth
Essential PHP Security
by Chris Shiflett
Secrets and Lies: Digital Security in a Networked World
by Bruce Schneier

The Art of Deception: Controlling the Human Element of Security
by Kevin D. Mitnick, William L. Simon, Steve Wozniak

Make sure you read the original first chapter
and about the rumors surrounding it.
You might also be interested in Mitnick's testimony before the U.S. Congress.
The Myths of Security: What the Computer Security Industry Doesn't Want You to Know
by John Viega



Information Security Management

Information Security Management Handbook, Sixth Edition
by Harold F. Tipton, Micki Krause

Note: OK, this 3280-pager, I have to admit, is the only
book in this list I have not (yet) read cover to cover :-)
The Security Risk Assessment Handbook
by Douglas J. Landoll
The New School of Information Security
by Adam Shostack, Andrew Stewart
Assessing and Managing Security Risk in IT Systems: A Structured Methodology
by John McCumber
Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
by Thomas R. Peltier
Information Security Risk Analysis, Second Edition
by Thomas R. Peltier
Network Security Assessment
by Chris McNab
Writing Information Security Policies
by Scott Barman


Incident Response, Intrusion Detection & Forensics

Incident Response: A Strategic Guide to Handling System and Network Security Breaches
by Eugene Schultz and Russell Shumway
Network Intrusion Detection (3rd Edition)
by Stephen Northcutt, Judy Novak
Intrusion Signatures and Analysis
by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick
Forensic Discovery
by Dan Farmer, Wietse Venema

Freely available at http://www.porcupine.org/forensics/forensic-discovery/.
Managing Security with Snort and IDS Tools
by Christopher Gerg, Kerry J. Cox
Rootkits: Subverting the Windows Kernel
by Greg Hoglund, Jamie Butler


Cryptography

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition
by Bruce Schneier


Network Administration

TCP/IP Illustrated, Volume 1
by W. Richard Stevens
IP Routing
by Ravi Malhotra
Linux Network Administrator's Guide (2nd Edition)
by Olaf Kirch, Terry Dawson
In PDF, HTML or other formats: The Linux Documentation Project.
In German as an O'Reilly Open Book.
Switching to VoIP
by Theodore Wallingford


Linux/UNIX System Administration

qmail
by John R. Levine
Postfix: The Definitive Guide
by Kyle D. Dent
SpamAssassin
by Alan Schwartz
LDAP System Administration
by Gerald Carter
SSH, The Secure Shell: The Definitive Guide
by Daniel J. Barrett, Richard Silverman
DNS and BIND, Fourth Edition
by Cricket Liu, Paul Albitz
UNIX Backup and Recovery
by W. Curtis Preston
Essential System Administration, Third Edition
by AEleen Frisch
The Complete FreeBSD, 4th Edition
Freely available at http://www.lemis.com/grog/Documentation/CFBSD/.
Solaris 10 Advanced User's Guide
Freely available at http://docs.sun.com/app/docs/prod/solaris.10.
Solaris 10 System Administration Guide: Basic Administration
Freely available at http://docs.sun.com/app/docs/prod/solaris.10.
Running Linux, Fourth Edition
by Matt Welsh, Lar Kaufman, Matthias Kalle Dalheimer, Terry Dawson
In German, in the 3rd edition, as an O'Reilly Open Book.
Linux System Administration, Second Edition (Craig Hunt Linux Library)
by Vicki Stanfield, Roderick W. Smith
Learning the vi Editor (6th Edition)
by Arnold Robbins, Linda Lamb
Learning the bash Shell, 2nd Edition
by Bill Rosenblatt, Cameron Newham
Learning Perl, Fourth Edition
by Randal Schwartz, Tom Phoenix, Brian Foy
Learning the UNIX Operating System, Fifth Edition
by Jerry Peek, Grace Todino-Gonguet, John Strang


Windows System Administration

Microsoft Windows 2000 Server Administrator's Companion, Second Edition
by Charlie Russel, Sharon Crawford, Jason Gerend


Programming/Software Development

Beginning Java 2
by Ivor Horton
Thinking in Java (3rd Edition)
by Bruce Eckel
This book is available for download at mindview.net.
Personal note: that's how I learned programming and understood the OO concept - it's my bible!
JavaServer Pages, 3rd Edition
by Hans Bergsten
Web Application Development with PHP 4.0 (with CD-ROM)
by Tobias Ratschiller, Till Gerken

Note: this one is really outdated by now
JavaScript: The Definitive Guide
by David Flanagan
Ajax in Action
by Dave Crane, Eric Pascarello, Darren James
Open Source Development with CVS, 3rd Edition
by Moshe Bar, Karl Fogel
In PDF, HTML or other formats (also in German): cvsbook.red-bean.com.
The C Programming Language, 2nd Edition
by Brian W. Kernighan, Dennis Ritchie, Dennis M. Ritchie
Professional Assembly Language
by Richard Blum


Data Modeling & Databases

Data Modeling Essentials, Third Edition
by Graeme Simsion, Graham Witt
MySQL, Second Edition
by Paul DuBois
Oracle9i: The Complete Reference
by Kevin Loney, George Koch, Tusc
Oracle9i PL/SQL Programming
by Scott Urman


Legal

This section only lists books that are also appropriate for laypersons.


A Guide to HIPAA Security and the Law
by Stephen S. Wu (Editor)
FISMA Certification & Accreditation Handbook
by Laura Taylor
Sarbanes-Oxley Guide for Finance and Information Technology Professionals
by Sanjay Anand
GigaLaw Guide to Internet Law
by Doug Isenberg

Great introduction to US Internet law - from intellectual property rights to the First Amendment!
Open Source Licensing: Software Freedom and Intellectual Property Law
by Lawrence Rosen
A Practical Guide to Software Licensing for Licensees and Licensors
by H. Ward Classen
Computerstrafrecht im Überblick
by Susanne Reindl


Economics of IT & Information Security

Information Rules: A Strategic Guide to the Network Economy
by Carl Shapiro and Hal R. Varian
Managing Information Risk and the Economics of Security
by M. Eric Johnson
The Law and Economics of Cybersecurity
by Mark F. Grady and Francesco Parisi


IT, Security, Privacy & Society

Schneier on Security
by Bruce Schneier

Beyond Fear
by Bruce Schneier

The Digital Person: Technology and Privacy in the Information Age
by Daniel Solove
Database Nation: The Death of Privacy in the 21st Century
by Simson Garfinkel
Das Ende der Privatsphäre
by Peter Schaar

Code: And Other Laws of Cyberspace, Version 2.0
by Lawrence Lessig
Free Culture: The Nature and Future of Creativity
by Lawrence Lessig


IT Security Culture

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
by Cliff Stoll
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
by Kevin D. Mitnick and William L. Simon