Some of you may know that I have been trying to compile a list of books to go through. I have attempted to create a sort of "book club" to get a bunch of people together to go through them, sharing what we all have learned. That didn't take off to well. I started with Hacking The Art Of Exploitation. This was an excellent book. I learned a lot! It is not for the faint of heart though. Get ready to dig into some serious C code. It definitely makes me want to go back and dust off what I remember of C and learn it again. At that time, I may reread the book in attempt to get even more out of it.
So whats next on my list? Well, I have two that are in a toss up. The first is Snort IDS and IPS toolkit by Jay Beale. Though I have also been thinking about the O'reilly book Beautiful Security.
Here is the remainder of my year's reading list:
Wireshark and Ethereal Network Protocol Analyzer Toolkit
Nessus Network Auditing
Metasploit Penetration Development Vulnerability Research
Shellcoders Handbook: Discovering Exploiting Security
Reversing: Secrets of Reverse Engineering
Rootkits: Subverting The Windows Kernel
Web Application Hackers Handbook: Discovering and Exploiting Security Flaws
Database Hackers Handbook: Defending Servers
This is in no specific order yet. On top of all of this I really need to knock out this GPEN certification and the CISSP by the end of the year. Following soon behind that is the renewal of the CCNA. I'm probably going to do the CCNA Security, suprise :). This will renew my CCNA and add the Security peice to the end.
As many of you know I have been working on an IT security degree as well. While I hate to quit things, I really have a hard time finding a school that can teach real security things that are helpful in the real world as well as relevant. I am looking at the University of Advancing Technology. I guess the security program here was started by the same guy that started the Defcon conferences. That has some merrit to it. The class outline looks to be relevant. So I may atted there to finish my degree.
To be quite honest I stumbled over an old favorite in my browser the other day of the infamous lab of Scott Morris. At the end of his resume page there is a link to how he came to be where he is: Scott's Story. After reading that story, I felt like I can just keep on doing what I do, how I do it and who needs school. If any of you reading this know me personally, that's not an unfamiliar statement. So maybe I won't go back. This is hard to tell at the moment. It would sure help me focus on getting my GPEN and CISSP out of the way rather than having to come home and do homework every night. Who know's. Time will tell.
So if any of you out there want to join in the reading list, leave a comment or email me.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment