What Are Some Good Reads/books?

[Bundy]

So, I made a post that I was interested in taking the offsec courses and learning backtrack, despite having no prior linux experience, and not having any education regarding computers. I was told I need to have a deep understanding of computing and networking, as well as linux or I will be lost.

I want to rectify the situation, and am hoping you can direct me to some good books and online resources that I can use to get more familiar with networking, and that would help me develop a deep understanding of computers, that would help me get ready for delving into the offensive security field.

The hardest part for me when posting this is not knowing where I stand relative to where I need to be. I don't have any formal computer courses. I am the person who all my friends come to when they have a computer issue, however. I have dabbled around in different operating systems, but am pretty much clueless in anything command line.

Sorry for the post that I am sure falls under the "How NOT to ask a question", but I tried my best.

EDIT: Also, if there are any other good online courses/certifications that you think I should take before the offsec courses, please let me know as well.

Edited May 10, 2012 by Bundy

[Sitwon]

There's a big list of suggest reading (for coders and geeks in general) here: http://www.gaiaonline.com/forum/c-t-tech-talk/suggested-reading-technology-and-programming/t.69647195/

Specifically, I would recommend that anyone interested in computer security begin by learning a programming language and getting a solid understanding of how computers work.

You can learn some programming with Code Academy or TryRuby or numerous other online language tutorials.

Then you should work through The Elements of Computer Systems. http://www.amazon.com/gp/product/0262640686

It's an excellent introduction to computer science and gives you a complete overview of how computers work from binary logic and NAND gates up through building a CPU and programming it with assembly language to operating systems and high-level (Java-like) languages. This is a must-read for anyone who is serious about understanding computers, how to program them, and how to exploit them.

Next I'd suggest reading Hacking: The Art of Exploitation. http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

It's a great introduction to why exploits work and how to find and use them. Along the way it introduces a lot of the basics you'll need to know to understand more sophisticated attacks. It covers both software hacking and network hacking.

As far as learning Linux, I haven't seen any books or classes that I can really recommend. My advice would be to just use it as much as you can. Linux is a big broad and complicated topic that you'll learn best by just doing it. It's important to always push yourself a little outside your comfort zone. Try using command-line as much as possible. Write shell-scripts. Learn to use Emacs and Vim. Try installing Linux From Scratch. Whatever it takes, just don't let yourself get too comfortable, keep pushing.

For learning networking, the Net+ and CCNA courses/books actually do a pretty good job of covering everything you'll need to know to understand how networks really work. You might also consider doing Sec+ to learn a bit more about specific security concerns and how they are commonly mitigated.

[Bundy]

Sitwon, thanks a ton! This was an extremely good post, exactly what I was looking for!