Blogging Rock Star

Below are many books, websites and other resources that will help you get started in Information Technology security:

Recommended Reading

• CISSP All-in-One Exam Guide by Shon Harris
• TCP/IP Illustrated by Richard Stevens
• Building Internet Firewalls by Elizabeth Zwicky
• Securing Windows NT/2000 Servers for the Internet by Stefan Norberg
• Hardening Windows Systems by Roberta Bragg

Recommended Tools

• WireShark – Examine packets (use with “TCP/IP Illustrated”, above)
• Superscan – Powerful TCP port scanner, pinger, resolver.
• Nessus and/or Nmap – Vulnerability scanners

Additional Tools

• Sysinternals – Variety of utilities
• PGP – Encryption, documentation is highly recommended, basically a primer on encryption.

Regulations and Standards

• FFIEC
• COBIT
• NIST
• ISO 17799 (ISO/IEC 27002:2005)

Vulnerability Lists

• SANS Top 20
• SANS @Risk Newsletter
• BugTraq
• CVE
• Vulnwatch

Local Chapter Organizations

• ISSA
• ISACA
• OWASP

Training Organizations

• SANS Institute
• (ISC)2
• ISACA

While the above list is by no means comprehensive, it should serve to give you some idea of the sorts of things involved with Information Technology Security.

Constructive comments, suggestions and additions are always welcome.

This entry was posted on Saturday, August 4th, 2007 at 2:33 pm and is filed under Internet Security, Reference, Tips & Tricks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.