For extensive bibliographic links, see the
Collection of
  Computer Science Bibliographies
See our web links for material available
  online.
  
Carlisle Adams and Steve Lloyd Understanding Public
  Key Infrastructure
   Macmillan 1999 ISBN 1-57870-166-x
An overview, mainly concentrating on policy and strategic issues rather than the
technical details. Both authors work for PKI vendor
Entrust.
   Albitz, Liu & Loukides DNS &
  BIND 3rd edition
   O'Reilly 1998 ISBN 1-56592-512-2
The standard reference on the Domain Name Service
and Berkeley Internet Name Daemon.
  
  Bamford The Puzzle Palace, A report on NSA,
  Americas's most Secret Agency
  Houghton Mifflin 1982
  ISBN 0-395-31286-8
  
David Bander, Linux Security Toolkit
IDG Books, 2000, ISBN: 0764546902
This book has a short section on FreeS/WAN and includes Caldera Linux on CD.
  Chapman, Zwicky & Russell Building Internet
  Firewalls
  O'Reilly 1995 ISBN 1-56592-124-0
  
   Cheswick and Bellovin Firewalls and
  Internet Security: Repelling the Wily Hacker
  Addison-Wesley 1994 ISBN 0201633574
  A fine book on firewalls in particular and security in general from two of
  AT&T's system adminstrators.
Bellovin has also done a number of papers on
IPSEC and co-authored a paper on a large
FreeS/WAN application.
  
   Comer Internetworking with TCP/IP
  Prentice Hall
  
    - Vol. I: Principles, Protocols, & Architecture, 3rd Ed. 1995
      ISBN:0-13-216987-8
- Vol. II: Design, Implementation, & Intervals, 2nd Ed. 1994
      ISBN:0-13-125527-4
- Vol. III: Client/Server Programming & Applications
      
        - AT&T TLI Version  1994 ISBN:0-13-474230-3
- BSD Socket Version 1996 ISBN:0-13-260969-X
- Windows Sockets Version 1997 ISBN:0-13-848714-6
 
If you need to deal with the details of the network protocols, read
  either this series or the Stevens and Wright series
  before you start reading the RFCs.
  
Diffie and Landau
Privacy on the Line: The Politics of Wiretapping and Encryption
MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9
An interview with the authors
is available on the web.
  Doraswamy and Harkins IP Sec: The New
  Security Standard for the Internet, Intranets and Virtual Private
  Networks
  Prentice Hall 1999 ISBN: 0130118982
  
   Electronic Frontier Foundation Cracking DES: Secrets
  of Encryption Research, Wiretap Politics and Chip Design
   O'Reilly 1998 ISBN 1-56592-520-3
  To conclusively demonstrate that DES is inadequate for continued use, the EFF built a machine for just over $200,000 that breaks DES
  encryption in under five days on average, under nine in the worst case.
  The book provides details of their design and, perhaps even more
  important, discusses why they felt the project was necessary. Recommended
  for anyone interested in any of the three topics mentioned in the
  subtitle.
  See also the  EFF page on
  this project  and our discussion of DES
  insecurity.
  
  Martin Freiss Protecting Networks with SATAN
  O'Reilly 1998 ISBN 1-56592-425-8
  translated from a 1996 work in German
  SATAN is a Security Administrator's Tool for Analysing Networks. This book
  is a tutorial in its use.
  
  Gaidosch and Kunzinger A Guide to Virtual Private
  Networks
  Prentice Hall 1999 ISBN: 0130839647
  
  Simson Garfinkel Database Nation: the death of
  privacy in the 21st century
  O'Reilly 2000 ISBN 1-56592-653-6
  A thoughtful and rather scary book.
  
   Simson Garfinkel PGP: Pretty Good Privacy
  O'Reilly 1995 ISBN 1-56592-098-8
  An excellent introduction and user manual for the PGP
  email-encryption package.  PGP is a good package with a complex and
  poorly-designed user interface. This book or one like it is a must for
  anyone who has to use it at length.
  The book covers using PGP in Unix, PC and Macintosh environments, plus
  considerable background material on both the technical and political issues
  around cryptography. The only shortcoming is that it does not cover recent
  developments such as PGP 5 and Open PGP.
  
  Garfinkel and Spafford Practical Unix
  Security
  O'Reilly 1996 ISBN 1-56592-148-8
  A standard reference.
  Spafford's web page has an excellent collection of  crypto and security
  links.
  
   David Kahn The Codebreakers: the Comprehensive
  History of Secret Communications from Ancient Times to the
  Internet
  second edition Scribner 1996 ISBN 0684831309
  A history of codes and code-breaking from ancient Egypt to the 20th century.
  Well-written and exhaustively researched. Highly recommended,
 even though it
  does not have much on computer cryptography.
  
David Kahn Seizing the Enigma, The Race to Break the German U-Boat
  codes, 1939-1943
  Houghton Mifflin 1991 ISBN 0-395-42739-8
  
  Olaf Kirch Linux Network Administrator's
  Guide
  O'Reilly 1995 ISBN 1-56592-087-2
  Now becoming somewhat dated in places, but still a good introductory book
  and general reference.
  
  Pete Lashin Big Book of IPSEC RFCs
  Morgan Kaufmann 2000 ISBN: 0-12-455839-9
  
Steven Levy Crypto: How the Code Rebels Beat the
Government -- Saving Privacy in the Digital Age
Penguin 2001, ISBN 0-670--85950-8
Highly recommended. A fine history of recent (about 1970-2000) developments in the
field, and the related political controversies. FreeS/WAN project
founder and leader John Gilmore appears several times.
The book does not cover IPSEC or FreeS/WAN, but this project is
very much another battle in the same war.  See our
discussion of the politics.
  Matyas, Anderson et al. The Global Trust
  Register
  Northgate Consultants Ltd 1998 ISBN: 0953239705
  hard cover edition due April 1999 MIT Press ISBN 0262511053
  From 
  their web page:
  
    This book is a register of the fingerprints of the world's most important
    public keys; it implements a top-level certification authority (CA) using
    paper and ink rather than in an electronic system.
  
  Menezies, van Oorschot and Vanstone Handbook of
  Applied Cryptography
  CRC Press 1997
  ISBN 0-8493-8523-7
  An excellent reference. Read Schneier before
  tackling this.
  
  Gerhard Mourani Get Acquainted with Linux
  Security and Optimization System
  Available online as a PDF
  file. It did not yet cover IPSEC when we last looked.
  
Michael Padlipsky Elements of Networking Style
  Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3
  Probably the funniest technical book ever written, this is a vicious but
  well-reasoned attack on the OSI "seven layer model" and all that went with
  it. Several chapters of it are also available as RFCs 871 to 875.
  
   John S. Quarterman The Matrix: Computer Networks
  and Conferencing Systems Worldwide
  Digital Press 1990  ISBN 155558-033-5
  Prentice-Hall ISBN 0-13-565607-9
  The best general treatment of computer-mediated communication we have seen.
  It naturally has much to say about the Internet, but also covers UUCP,
  Fidonet and so on.
  
   David Ranch Securing Linux Step by Step
  SANS Institute, 1999
  SANS is a respected organisation,
  this guide is part of a well-known series, and Ranch has previously written
  the useful Trinity
  OS guide to securing Linux, so my guess would be this is a pretty good
  book. I haven't read it yet, so I'm not certain. It can be ordered online
  from SANS.
  
  Bruce Schneier Applied Cryptography, Second
  Edition
  John Wiley & Sons, 1996
  ISBN 0-471-12845-7 hardcover
  ISBN 0-471-11709-9 paperback
  A standard reference on computer cryptography. For more recent essays, see
  the author's company's web
  site.
  
Bruce Schneier Secrets and Lies
Wiley 2000, ISBN 0-471-25311-1
An interesting discussion of security and privacy issues, written
with more of an "executive overview" approach rather than a
narrow focus on the technical issues. Highly recommended.
 Scott, Wolfe and Irwin Virtual Private
  Networks
  2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7
  This is the only O'Reilly book, out of a dozen I own, that I'm disappointed
  with. It deals mainly with building VPNs with various proprietary tools
  -- PPTP, SSH, Cisco PIX, ... --
  and touches only lightly on IPSEC-based approaches.
  That said, it appears to deal competently with what it does cover and it
  has readable explanations of many basic VPN and security concepts. It may be
  exactly what some readers require, even if I find the emphasis
  unfortunate.
  
  Kurt Seifried Linux Administrator's Security
  Guide
  Available online from Security Portal. It has
  fairly extensive coverage of IPSEC.
  
  Richard E Smith Internet Cryptography
  ISBN 0-201-92480-3, Addison Wesley, 1997
See the book's
home page
  
Neal Stephenson Cryptonomicon
Hardcover ISBN -380-97346-4, Avon, 1999.
A novel in which cryptography and the net figure prominently. Highly recommended:
I liked it enough I immediately went out and bought all the author's other books.
There is also a paperback edition. Sequels are expected.
   Stevens and Wright TCP/IP Illustrated
  Addison-Wesley
  
    - Vol. I: The Protocols 1994 ISBN:0-201-63346-9
- Vol. II: The Implementation 1995 ISBN:0-201-63354-X
- Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain
      Protocols 1996 ISBN: 0-201-63495-3
If you need to deal with the details of the network protocols, read
either this series or the Comer series before you
start reading the RFCs.
  
   Rubini Linux Device Drivers
  O'Reilly & Associates, Inc. 1998 ISBN 1-56592-292-1
  
   Robert Zeigler Linux Firewalls
  Newriders Publishing, 2000 ISBN 0-7537-0900-9