Contents
Previous
Next
 For extensive bibliographic links, see the 
Collection of  Computer Science Bibliographies
 See our web links for material available 
 online.
 Carlisle Adams and Steve Lloyd Understanding 
Public  Key Infrastructure
 Macmillan 1999 ISBN 1-57870-166-x
 An overview, mainly concentrating on policy and strategic issues 
rather than the technical details. Both authors work for 
PKI vendor Entrust. 
 Albitz, Liu & Loukides DNS &  BIND
 3rd edition
 O'Reilly 1998 ISBN 1-56592-512-2
 The standard reference on the Domain 
Name Service and Berkeley Internet 
Name Daemon. 
 Bamford The Puzzle Palace, A report on NSA, 
 Americas's most Secret Agency
 Houghton Mifflin 1982  ISBN 0-395-31286-8
 David Bander, Linux Security Toolkit
 IDG Books, 2000, ISBN: 0764546902
 This book has a short section on FreeS/WAN and includes Caldera 
Linux on CD. 
 Chapman, Zwicky & Russell Building Internet 
 Firewalls
 O'Reilly 1995 ISBN 1-56592-124-0
 Cheswick and Bellovin Firewalls and 
 Internet Security: Repelling the Wily Hacker
 Addison-Wesley 1994 ISBN 0201633574
 A fine book on firewalls in particular and security in general 
from two of  AT&T's system adminstrators. 
 Bellovin has also done a number of papers
 on IPSEC and co-authored a paper on a 
large FreeS/WAN application. 
 Comer Internetworking with TCP/IP
 Prentice Hall
- Vol. I: Principles, Protocols, & Architecture, 3rd Ed. 1995 
 ISBN:0-13-216987-8
- Vol. II: Design, Implementation, & Intervals, 2nd Ed. 1994 
 ISBN:0-13-125527-4
- Vol. III: Client/Server Programming & Applications 
- AT&T TLI Version  1994 ISBN:0-13-474230-3
- BSD Socket Version 1996 ISBN:0-13-260969-X
- Windows Sockets Version 1997 ISBN:0-13-848714-6
 
If you need to deal with the details of the network protocols, read 
 either this series or the Stevens and Wright
 series  before you start reading the RFCs. 
 Diffie and Landau Privacy on the Line: 
The Politics of Wiretapping and Encryption
 MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9
 An interview 
with the authors is available on the web. 
 Doraswamy and Harkins IP Sec: The New 
 Security Standard for the Internet, Intranets and Virtual Private 
 Networks
 Prentice Hall 1999 ISBN: 0130118982
 Electronic Frontier Foundation Cracking DES: 
Secrets  of Encryption Research, Wiretap Politics and Chip Design
 O'Reilly 1998 ISBN 1-56592-520-3
 To conclusively demonstrate that DES is inadequate for continued 
use, the EFF built a machine for just 
over $200,000 that breaks DES  encryption in under five days on 
average, under nine in the worst case.
The book provides details of their design and, perhaps even more 
 important, discusses why they felt the project was necessary. 
Recommended  for anyone interested in any of the three topics mentioned 
in the  subtitle.
See also the  EFF page 
on  this project  and our discussion of 
DES  insecurity. 
 Martin Freiss Protecting Networks with SATAN
 O'Reilly 1998 ISBN 1-56592-425-8
 translated from a 1996 work in German
 SATAN is a Security Administrator's Tool for Analysing Networks. 
This book  is a tutorial in its use. 
 Gaidosch and Kunzinger A Guide to Virtual Private  Networks
 Prentice Hall 1999 ISBN: 0130839647 
 Simson Garfinkel Database Nation: the 
death of  privacy in the 21st century
 O'Reilly 2000 ISBN 1-56592-653-6
 A thoughtful and rather scary book.
 Simson Garfinkel PGP: Pretty Good Privacy
 O'Reilly 1995 ISBN 1-56592-098-8
 An excellent introduction and user manual for the 
PGP email-encryption package.  PGP is a good package with a complex 
and  poorly-designed user interface. This book or one like it is a must 
for  anyone who has to use it at length.
The book covers using PGP in Unix, PC and Macintosh environments, 
plus  considerable background material on both the technical and 
political issues  around cryptography. The only shortcoming is that it 
does not cover recent  developments such as PGP 5 and Open PGP. 
 Garfinkel and Spafford Practical Unix 
 Security
 O'Reilly 1996 ISBN 1-56592-148-8
 A standard reference.
 Spafford's web page has an excellent collection of 
 crypto and security  links. 
 David Kahn The Codebreakers: the 
Comprehensive  History of Secret Communications from Ancient Times to 
the  Internet
 second edition Scribner 1996 ISBN 0684831309
 A history of codes and code-breaking from ancient Egypt to the 
20th century.  Well-written and exhaustively researched. Highly 
recommended,  even though it  does not have much on computer 
cryptography.
 David Kahn Seizing the Enigma, The Race to Break the German 
U-Boat  codes, 1939-1943
 Houghton Mifflin 1991 ISBN 0-395-42739-8 
 Olaf Kirch Linux Network Administrator's 
 Guide
 O'Reilly 1995 ISBN 1-56592-087-2
 Now becoming somewhat dated in places, but still a good 
introductory book  and general reference.
 Pete Lashin Big Book of IPSEC RFCs
 Morgan Kaufmann 2000 ISBN: 0-12-455839-9
 Steven Levy Crypto: How the Code Rebels 
Beat the Government -- Saving Privacy in the Digital Age
 Penguin 2001, ISBN 0-670--85950-8
 Highly recommended. A fine history of recent 
(about 1970-2000) developments in the field, and the related political 
controversies. FreeS/WAN project founder and leader John Gilmore 
appears several times. 
 The book does not cover IPSEC or FreeS/WAN, but this project is 
very much another battle in the same war.  See our discussion of the 
politics. 
 Matyas, Anderson et al. The Global Trust 
 Register
 Northgate Consultants Ltd 1998 ISBN: 0953239705
 hard cover edition due April 1999 MIT Press ISBN 0262511053
 From 
 their web page:  This book is a register of the 
fingerprints of the world's most important  public keys; it implements 
a top-level certification authority (CA) using  paper and ink rather 
than in an electronic system.
 Menezies, van Oorschot and Vanstone 
Handbook of  Applied Cryptography
 CRC Press 1997
 ISBN 0-8493-8523-7
 An excellent reference. Read Schneier
 before  tackling this. 
 Gerhard Mourani Get Acquainted with Linux 
 Security and Optimization System
 Available online as a 
PDF  file. It did not yet cover IPSEC when we last looked. 
 Michael Padlipsky Elements of Networking Style
 Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3
 Probably the funniest technical book ever written
, this is a vicious but  well-reasoned attack on the OSI "seven layer 
model" and all that went with  it. Several chapters of it are also 
available as RFCs 871 to 875. 
 John S. Quarterman The Matrix: Computer 
Networks  and Conferencing Systems Worldwide
 Digital Press 1990  ISBN 155558-033-5
 Prentice-Hall ISBN 0-13-565607-9
 The best general treatment of computer-mediated communication we 
have seen.  It naturally has much to say about the Internet, but also 
covers UUCP,  Fidonet and so on.
 David Ranch Securing Linux Step by Step
 SANS Institute, 1999
 SANS is a respected 
organisation,  this guide is part of a well-known series, and Ranch has 
previously written  the useful 
Trinity  OS guide to securing Linux, so my guess would be this is a 
pretty good  book. I haven't read it yet, so I'm not certain. It can be 
ordered online  from SANS. 
 Bruce Schneier Applied Cryptography, 
Second  Edition
 John Wiley & Sons, 1996
 ISBN 0-471-12845-7 hardcover
 ISBN 0-471-11709-9 paperback
 A standard reference on computer cryptography. For more recent 
essays, see  the author's 
company's web  site. 
 Bruce Schneier Secrets and Lies
 Wiley 2000, ISBN 0-471-25311-1
 An interesting discussion of security and privacy issues, written 
with more of an "executive overview" approach rather than a narrow 
focus on the technical issues. Highly recommended. 
 Scott, Wolfe and Irwin Virtual Private 
 Networks
 2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7
 This is the only O'Reilly book, out of a dozen I own, that I'm 
disappointed  with. It deals mainly with building VPNs with various 
proprietary tools  -- PPTP, 
SSH, Cisco PIX, ... --  and touches only lightly on IPSEC-based 
approaches.
That said, it appears to deal competently with what it does cover 
and it  has readable explanations of many basic VPN and security 
concepts. It may be  exactly what some readers require, even if I find 
the emphasis  unfortunate. 
 Kurt Seifried Linux Administrator's Security 
 Guide
 Available online from 
Security Portal. It has  fairly extensive coverage of IPSEC. 
 Richard E Smith Internet Cryptography
 ISBN 0-201-92480-3, Addison Wesley, 1997
 See the book's 
home page
 Neal Stephenson Cryptonomicon
 Hardcover ISBN -380-97346-4, Avon, 1999. 
 A novel in which cryptography and the net figure prominently. 
Highly recommended: I liked it enough I immediately went out 
and bought all the author's other books. 
 There is also a paperback edition. Sequels are expected. 
 Stevens and Wright TCP/IP Illustrated
 Addison-Wesley
- Vol. I: The Protocols 1994 ISBN:0-201-63346-9
- Vol. II: The Implementation 1995 ISBN:0-201-63354-X
- Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain 
 Protocols 1996 ISBN: 0-201-63495-3
 If you need to deal with the details of the network protocols, read 
either this series or the Comer series before you 
start reading the RFCs. 
 Rubini Linux Device Drivers
 O'Reilly & Associates, Inc. 1998 ISBN 1-56592-292-1
 Robert Zeigler Linux Firewalls
 Newriders Publishing, 2000 ISBN 0-7537-0900-9
Contents
Previous
Next