Free Security Books on Protecting and Securing Your Systems



  • Cryptography and Data Security - Data security is the science and study of methods of protecting data in computer and communication systems from unauthorized disclosure and modification. The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks. The book is for students and professionals seeking an introduction to these principles. There are many references for those who would like to study specific topics further.
  • Cryptography, An Introduction : Third Edition - The third edition is now online. You may make copies and distribute the copies of the book as you see fit, as long as it is clearly marked as having been authored by N.P. Smart.
  • Secure your email server with Linux: A white paper on Open Source and ISV based solutions to protecting your email servers from various attacks.
  • Securing Linux Production Systems - A Practical Guide to Basic Security in Linux Production Environments
  • Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network - I want to write a few words about this book and how it should be used. This book is not strictly an instructional, or "How To" book. Its purpose is to get you started on a solid education in Internet security. As such, it is probably constructed differently from any computer book you have ever read. Although this book cannot teach you everything you need to know, the references contained within this book can.
  • The Hacker Crackdown: Law and Disorder on the Electronic Frontier - If you're a computer cop, a hacker, or an electronic civil liberties activist, you are the target audience for this book. I wrote this book because I wanted to help you, and help other people understand you and your unique, uhm, problems. I wrote this book to aid your activities, and to contribute to the public discussion of important political issues. In giving the text away in this fashion, I am directly contributing to the book's ultimate aim: to help civilize cyberspace.
  • The Digital Dilemma: Intellectual Property in the Information Age - Borrowing a book from a local public library would seem to be one of the most routine, familiar, and uncomplicated acts in modern civic life: A world of information is available with little effort and almost no out-of-pocket cost. Such access to information has played a central role in American education and civic life from the time of Thomas Jefferson, who believed in the crucial role that knowledge and an educated populace play in making democracy work. Yet the very possibility of borrowing a book, whether from a library or a friend, depends on a number of subtle, surprisingly complex, and at times conflicting elements of law, public policy, economics, and technology, elements that are in relative balance today but may well be thrown completely out of balance by the accelerating transformation of information into digital form.
  • Introduction to Reverse Engineering Software - This book is an attempt to provide an introduction to reverse engineering software under both Linux and Microsoft Windows. Since reverse engineering is under legal fire, the authors figure the best response is to make the knowledge widespread. The idea is that since discussing specific reverse engineering feats is now illegal in many cases, we should then discuss general approaches, so that it is within every motivated user's ability to obtain information locked inside the black box. Furthermore, interoperability issues with closed-source proprietary systems are just plain annoying, and something needs to be done to educate more open source developers as to how to implement this functionality in their software.
  • Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID - Rafeeq Ur Rehman explains and simplifies every aspect of deploying and managing Snort in your network. You'll discover how to monitor all your network traffic in real time; update Snort to reflect new security threats; automate and analyze Snort alerts; and more. Best of all, Rehman's custom scripts integrate Snort with Apache, MySQL, PHP, and ACID-so you can build and optimize a complete IDS solution more quickly than ever before.
  • The Protection of Information in Computer Systems - This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification. It concentrates on those architectural structures--whether hardware or software--that are necessary to support information protection. The paper develops in three main sections. Section I describes desired functions, design principles, and examples of elementary protection and authentication mechanisms. Any reader familiar with computers should find the first section to be reasonably accessible. Section II requires some familiarity with descriptor-based computer architecture. It examines in depth the principles of modern protection architectures and the relation between capability systems and access control list systems, and ends with a brief analysis of protected subsystems and protected objects. The reader who is dismayed by either the prerequisites or the level of detail in the second section may wish to skip to Section III, which reviews the state of the art and current research projects and provides suggestions for further reading.
  • Handbook of Applied Cryptography - PDF format, good, solid explanations of cryptography algorithms.