I don't think any one book is a good way to have an overall picture of security. Just like you need defense in depth, you need investigation/learning in depth.
This second edition does a super job of updating the original, and it's about time. For unix security people I'd suggest you also read Hacking Linux Exposed because it has very in-depth coverage of everything from a Linux standpoint. (Unix really, but they focus on Linux for their answers about how you fix things. Pathnames may differ for other Unix systems, like BSD.)
For those people not familiar with Hacker's Challenge (1st and 2nd editions) it's a book chock full of real-world (presumably sanitized) cracking examples where they tell you what happened, copies of log data, and you try to figure out what happened. Very good book.
I'd also like to note that Hacker's Challenge (and Hacking Linux Exposed, for that matter) are not Foundstone books. Hacker's Challenge's lead author is Mike Schiffman, director of security at @stake, which is definitely not Foundstone. Foundstone is doing poorly, going so far as to patent port scanning.
I've read this book too, and it's really good. The problem is that they don't have enough space to really misdirect you; they really only provide the information that is relevant. In a real-world environment, you'd need to sift through everything (irrelevant logs, user history files, timestamps) to see what is and is not helpful. But HC does a good job with what they can offer.
I was first intrigued by case studies when I read Hacking Linux Exposed, which has excellent real-world case studies. Turn them on their heads and they are useful as challenges too. Since HLE was based on Hacking Exposed I thought I'd get it for those case studies, but they are lame 1-2 page things.
You can get the case studies for HLE online now, which is cool.
Does anyone else have good case studies / challenge pointers that are available online?
O'Reilly's BIF is good, but I'd suggest a Linux-specific firewall book too, like Linux Firewalls, Second Edition.