For extensive bibliographic links, see the
Collection of Computer Science Bibliographies
See our web links for material available
Carlisle Adams and Steve Lloyd Understanding
Public Key Infrastructure
Macmillan 1999 ISBN 1-57870-166-x
An overview, mainly concentrating on policy and strategic issues
rather than the technical details. Both authors work for
PKI vendor Entrust.
Albitz, Liu & Loukides DNS & BIND
O'Reilly 1998 ISBN 1-56592-512-2
The standard reference on the Domain
Name Service and Berkeley Internet
Bamford The Puzzle Palace, A report on NSA,
Americas's most Secret Agency
Houghton Mifflin 1982 ISBN 0-395-31286-8
David Bander, Linux Security Toolkit
IDG Books, 2000, ISBN: 0764546902
This book has a short section on FreeS/WAN and includes Caldera
Linux on CD.
Chapman, Zwicky & Russell Building Internet
O'Reilly 1995 ISBN 1-56592-124-0
Cheswick and Bellovin Firewalls and
Internet Security: Repelling the Wily Hacker
Addison-Wesley 1994 ISBN 0201633574
A fine book on firewalls in particular and security in general
from two of AT&T's system adminstrators.
Bellovin has also done a number of papers
on IPSEC and co-authored a paper on a
large FreeS/WAN application.
Comer Internetworking with TCP/IP
- Vol. I: Principles, Protocols, & Architecture, 3rd Ed. 1995
- Vol. II: Design, Implementation, & Intervals, 2nd Ed. 1994
- Vol. III: Client/Server Programming & Applications
- AT&T TLI Version 1994 ISBN:0-13-474230-3
- BSD Socket Version 1996 ISBN:0-13-260969-X
- Windows Sockets Version 1997 ISBN:0-13-848714-6
If you need to deal with the details of the network protocols, read
either this series or the Stevens and Wright
series before you start reading the RFCs.
Diffie and Landau Privacy on the Line:
The Politics of Wiretapping and Encryption
MIT press 1998 ISBN 0-262-04167-7 (hardcover) or 0-262-54100-9
with the authors is available on the web.
Doraswamy and Harkins IP Sec: The New
Security Standard for the Internet, Intranets and Virtual Private
Prentice Hall 1999 ISBN: 0130118982
Electronic Frontier Foundation Cracking DES:
Secrets of Encryption Research, Wiretap Politics and Chip Design
O'Reilly 1998 ISBN 1-56592-520-3
To conclusively demonstrate that DES is inadequate for continued
use, the EFF built a machine for just
over $200,000 that breaks DES encryption in under five days on
average, under nine in the worst case.
The book provides details of their design and, perhaps even more
important, discusses why they felt the project was necessary.
Recommended for anyone interested in any of the three topics mentioned
in the subtitle.
See also the EFF page
on this project and our discussion of
Martin Freiss Protecting Networks with SATAN
O'Reilly 1998 ISBN 1-56592-425-8
translated from a 1996 work in German
SATAN is a Security Administrator's Tool for Analysing Networks.
This book is a tutorial in its use.
Gaidosch and Kunzinger A Guide to Virtual Private Networks
Prentice Hall 1999 ISBN: 0130839647
Simson Garfinkel Database Nation: the
death of privacy in the 21st century
O'Reilly 2000 ISBN 1-56592-653-6
A thoughtful and rather scary book.
Simson Garfinkel PGP: Pretty Good Privacy
O'Reilly 1995 ISBN 1-56592-098-8
An excellent introduction and user manual for the
PGP email-encryption package. PGP is a good package with a complex
and poorly-designed user interface. This book or one like it is a must
for anyone who has to use it at length.
The book covers using PGP in Unix, PC and Macintosh environments,
plus considerable background material on both the technical and
political issues around cryptography. The only shortcoming is that it
does not cover recent developments such as PGP 5 and Open PGP.
Garfinkel and Spafford Practical Unix
O'Reilly 1996 ISBN 1-56592-148-8
A standard reference.
Spafford's web page has an excellent collection of
crypto and security links.
David Kahn The Codebreakers: the
Comprehensive History of Secret Communications from Ancient Times to
second edition Scribner 1996 ISBN 0684831309
A history of codes and code-breaking from ancient Egypt to the
20th century. Well-written and exhaustively researched. Highly
recommended, even though it does not have much on computer
David Kahn Seizing the Enigma, The Race to Break the German
U-Boat codes, 1939-1943
Houghton Mifflin 1991 ISBN 0-395-42739-8
Olaf Kirch Linux Network Administrator's
O'Reilly 1995 ISBN 1-56592-087-2
Now becoming somewhat dated in places, but still a good
introductory book and general reference.
Pete Lashin Big Book of IPSEC RFCs
Morgan Kaufmann 2000 ISBN: 0-12-455839-9
Steven Levy Crypto: How the Code Rebels
Beat the Government -- Saving Privacy in the Digital Age
Penguin 2001, ISBN 0-670--85950-8
Highly recommended. A fine history of recent
(about 1970-2000) developments in the field, and the related political
controversies. FreeS/WAN project founder and leader John Gilmore
appears several times.
The book does not cover IPSEC or FreeS/WAN, but this project is
very much another battle in the same war. See our discussion of the
Matyas, Anderson et al. The Global Trust
Northgate Consultants Ltd 1998 ISBN: 0953239705
hard cover edition due April 1999 MIT Press ISBN 0262511053
their web page:
This book is a register of the
fingerprints of the world's most important public keys; it implements
a top-level certification authority (CA) using paper and ink rather
than in an electronic system.
Menezies, van Oorschot and Vanstone
Handbook of Applied Cryptography
CRC Press 1997
An excellent reference. Read Schneier
before tackling this.
Gerhard Mourani Get Acquainted with Linux
Security and Optimization System
Available online as a
PDF file. It did not yet cover IPSEC when we last looked.
Michael Padlipsky Elements of Networking Style
Prentice-Hall 1985 ISBN 0-13-268111-0 or 0-13-268129-3
Probably the funniest technical book ever written
, this is a vicious but well-reasoned attack on the OSI "seven layer
model" and all that went with it. Several chapters of it are also
available as RFCs 871 to 875.
John S. Quarterman The Matrix: Computer
Networks and Conferencing Systems Worldwide
Digital Press 1990 ISBN 155558-033-5
Prentice-Hall ISBN 0-13-565607-9
The best general treatment of computer-mediated communication we
have seen. It naturally has much to say about the Internet, but also
covers UUCP, Fidonet and so on.
David Ranch Securing Linux Step by Step
SANS Institute, 1999
SANS is a respected
organisation, this guide is part of a well-known series, and Ranch has
previously written the useful
Trinity OS guide to securing Linux, so my guess would be this is a
pretty good book. I haven't read it yet, so I'm not certain. It can be
ordered online from SANS.
Bruce Schneier Applied Cryptography,
John Wiley & Sons, 1996
ISBN 0-471-12845-7 hardcover
ISBN 0-471-11709-9 paperback
A standard reference on computer cryptography. For more recent
essays, see the author's
company's web site.
Bruce Schneier Secrets and Lies
Wiley 2000, ISBN 0-471-25311-1
An interesting discussion of security and privacy issues, written
with more of an "executive overview" approach rather than a narrow
focus on the technical issues. Highly recommended.
Scott, Wolfe and Irwin Virtual Private
2nd edition, O'Reilly 1999 ISBN: 1-56592-529-7
This is the only O'Reilly book, out of a dozen I own, that I'm
disappointed with. It deals mainly with building VPNs with various
proprietary tools -- PPTP,
SSH, Cisco PIX, ... -- and touches only lightly on IPSEC-based
That said, it appears to deal competently with what it does cover
and it has readable explanations of many basic VPN and security
concepts. It may be exactly what some readers require, even if I find
the emphasis unfortunate.
Kurt Seifried Linux Administrator's Security
Available online from
Security Portal. It has fairly extensive coverage of IPSEC.
Richard E Smith Internet Cryptography
ISBN 0-201-92480-3, Addison Wesley, 1997
See the book's
Neal Stephenson Cryptonomicon
Hardcover ISBN -380-97346-4, Avon, 1999.
A novel in which cryptography and the net figure prominently.
Highly recommended: I liked it enough I immediately went out
and bought all the author's other books.
There is also a paperback edition. Sequels are expected.
Stevens and Wright TCP/IP Illustrated
- Vol. I: The Protocols 1994 ISBN:0-201-63346-9
- Vol. II: The Implementation 1995 ISBN:0-201-63354-X
- Vol. III: TCP for Transactions, HTTP, NNTP, and the UNIX Domain
Protocols 1996 ISBN: 0-201-63495-3
If you need to deal with the details of the network protocols, read
either this series or the Comer series before you
start reading the RFCs.
Rubini Linux Device Drivers
O'Reilly & Associates, Inc. 1998 ISBN 1-56592-292-1
Robert Zeigler Linux Firewalls
Newriders Publishing, 2000 ISBN 0-7537-0900-9