Hi,

I know this book doesn't really apply to Linux, but I was just wondering if ay of you had read it, and if you had, could you please take a few seconds to post your opinions? I am just interested because I am looking for a good security book (where I can learn the basics, and then apply it to both Linux/*NIX and M$). There is a review of it here, but if you've read it, I'd just like to know what you think of it, or please tell me if you think there is a better book. Thanks in advance,

J_K9

Are you looking for a book limited to just *wireless* security or something more along the lines of general purpose security info?

Well I guess I'm looking for both really...but yes preferably wireless. You see, I have a wireless LAN at home, and although I already have it secured by WPA TKIP and MAC filtering etc... I would still like to know more about things like IDSs, which ports should be open/closed on the router, and more stuff like that. Any help would be appreciated. Thanks again,

J_K9

IDS, ports etc. haven't really got anything to do with WiFi as such. They apply to all networking.
Anyway here are two books I like:
Linux System Security, 2:nd ed, ISBN 0-13-047011-2
Hacking Exposed, 3:rd ed, ISBN 0-07-219381-6
While these aren't WiFi related, they cover all the basics and then some.

Thanks for your contribution makuyl! I've taken a quick look at both on amazon: by "Linux System Security" do you mean the book Linux System Security: The Administrators Guide to Open Source Security Tools by Scott Mann? If that is it, it looks a bit outdated (1999), but I'll take a deeper look into it. There is also a newer Fifth Edition of Hacking Exposed, known as Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray and George Kurtz. Should I get this newer edition, or should I go for the Third Edition (possibly has a better layout/easier to undestand..)?

[EDIT]
Oh, and has anyone read "WI-FOO: The Secrets of Wireless Hacking?"
[/EDIT]

Thanks,

J_K9

For basic/general security I like the book Maximum Linux Security (oldy but still applicable).
For advanced topics I like O'Reilly's:
Network Security Hacks
Linux Security Cookbook

For wireless I'd recommend
Wireless Hacks.
To be honest though the bleeding edge wireless security field has moved so fast recently that you are better off reading online whitepapers (publication times for books are too slow). These are must reads though:
Fluhrer, Mantin, and Shamir (FMS) Attack
KoreK/chopchop attack
If neither of those make any sense then start here:
Applied Cryptography

/Not a huge fan of the Hacking Exposed books

Linux System Security by Scott Mann is the one I meant. The editions are mentioned just because I have those two versions, but by all means get newer ones if you like those two. There are plenty of books about security out there though. Might be worth going to a local bookstore and have a look around. Or just get what Capt_Caveman suggested. After all, he's a mod in the security section here.

@Capt_Caveman
Why didn't you like Hacking exposed? Not solely about linux?
There's also "Hacking Linux Exposed"

Thanks to both of you! Especially to Capt_Caveman for the links! One last question which isn't related to this thread at all, but I don't want to have to start a new one...can you run an Apache we server on a Workgroup like you can on a Domain? Thanks,

J_K9

P.S The link for "Fluhrer, Mantin, and Shamir (FMS) Attack" didn't work, but I managed to find related topics to it in Google. Merci beaucoup!

I've got Wi-FOO.

It is actually a very useful book. It has about equal coverage of penetration and defense of wireless networks, and lots of info on all the tools of the trade (sniffers, WEP crackers, etc...)

If you are interested in pentrating/defending wireless networks, you could do a lot worse than this book.

Thanks bulliver! That's really helpful, but now my problem is that I don't know which book to buy first! ;-) Anyhoo, thanks to all who have posted in this thread, but does anyone know if you can run an Apache webserver on a Workgroup like you can on a Domain (http://webserver/). Thanks again,

J_K9

What do you mean by workgroup? Samba workgroup? If yes, it has not much to do with Apache at all.

Yes I mean a Samba workgroup. The only reason I asked the question was because in school, we are all connected onto a domain, but in my parents' office, they're all connected by a Samba workgroup. I was wondering if it is possible to set up a web server using Apache onto a Samba workgroup (so that other internal clients can access it in the form http://website/) in the same way that you can do that on a domain (for example, on the school domain, there is a website http://dhs/). Thanks,

J_K9

My guess is that the school has a DNS server with domains that don't look like the ones you find in the Net (it's possiblt to configure and simple).

[EDIT]

Actually, I bought Wireless Hacks yesterday. I was surprised when I realised that it didn't even mention WPA, but then I look at the publication date (September 2003) and I sort of answered my own question... Anyway, I have had a quick glance at it, and I was particularly interested in two programs immediately: EtherPEG and Driftnet. I was just wondering, as the sites don't really say...can they still decode images if the network is encrypted via WPA? Thanks,

J_K9