Data Books

As always Simon Singn takes the reader on a fantastic trip through History. Filled with entertaining stories, puzzles and heroic events, the author skillfully covers the history of secret writing. If you liked his coverage of Fermat's Enigma then you will definitely enjoy this book.

The prose is capturing, deep enough to fascinate technical readers and light enough to just entertain the casual reader. I specialized in Quantum computers while studying Mathematics and I am astonished that the author manages to explain such non-trivial subjects as quantum computers and cryptography to the degree where ordinary readers can actually understand how they work and their impact on ciphers such as RSA/DSA. In short another great read from one of the best and most entertaining technical writers who ever lived.

Simon Singh books usually hold you from the first page and till the end. "The code book" is very well written and very informative. You will see how it's started and where cryptography goes, but even more interesting part of history of cryptography - life (sometimes secret life) of people who worked and continue to work on development of cryptosystems.

Nutshell review - This is an excellent book covering the history of cryptography up to present day and into the near future. Very well written, easy to understand and worth reading by any layperson interested in the topic.

If you want to know about codes, secrets, cryptography and cryptanalysis then this is the book. Simon Singh presents the history of codes in a clear and simple way. Without the mathematics to disturb the flow of the story, you enjoy plots, conspiracies, secrets and algorithms. Excellent for general knowledge and for an introductory text in cryptanalysis. Buy it!

great book regarding the history of cryptography. The only way to truly understand anything is c the history of it's introduction

I bought this book as an additional material to study for the CISA exam. However it didn't help me with the exam at all. Furthermore, in an attempt to cover many things, it did not cover anything in detail. This book is just an endless recollection of bullet points. On top of that, it misses very sensitive topics like disaster recovery planning.

Not having much experience in the IT audit field, this book was a great resource and was easy to understand.

This book has some material relevant to the CISA examination based on the 2003 content areas, although it is not organized or focused as a CISA examination guide. If you are looking for CISA review material for the test, I would strongly suggest to stick with ISACA's combination of review manual and questions CD. I also searched everywhere for study aids for this grueling test and ended up using ISACA's expensive material, but it proved to be the best choice as I passed the Dec 2006 test.

However, as owner of a copy of this book, I assure you that this is an excellent reference of IT management, planning, implementation, risk assessment and control procedures for anyone in the IT business. Most of the material is still relevant as of 2007.

Audit is not the most exciting topic in the world, but this no fluff book really sets the standard. The care the authors took is obvious from the start, the table of contents is one of the most detailed I have ever seen, it allows the book to be used as a reference.

My favorite chapter was Quality Management, best job of making quality approachable I have seen to date. My least favorite was Project Management, it seemed to lack the application and lean to theory a bit.

I am not an auditor, but as an auditee, this book really helped me understand how they think. Recommended!

This is a huge book but spends no more then 1 page on any topic. In my opinion the authors only have financial audit experience and little understanding of IT controls. This book shows the failure of the 'integrated auditor' as the authors are tyring to be IT auditors with little IT experience. They touch on some very good points in a few instances and, in general, the book is decent. The authors do not know much outside of the CISA, IIA and financial based certifications as they seem to think that the ISSA (Information Systems Security Assoc.) is sponsored by ISC2/CISSP's (it is not). Overall, I have not been impressed with this book.

It is a very good book for understanding TCP/IP protocol suite. It has lots of tools explained in detail to explore the different protocols on unix/linux based systems. Most of the protocols are presented well. It is a must have book for learning networking concepts. I highly recommend this book.

Either if you're a pro or a student, this book is a MUST-HAVE. "Buy it NOW, don't waste more time" is the best advice I could give to you.

This is a good book that covers all the fundamentals of TCP/IP networking. Good illustrations. Seperate chapters for each common application protocols.

This is THE BIBLE. This is the gold standard for the exposition of the TCP/IP protocol stack. Every other TCP/IP protocol book must be measured by the yardstick of this book. This is simply the most comprehensive book ever written on the TCP/IP protocol stack. It's crystal clear and utterly lucid. Stevens tome leads the reader logically, methodically and effortlessly through all of the layers of the TCP/IP protocol stack: the Link Layer (ethernet frames), IP layer, Transport Layer etc. All nuances of TCP/IP are discussed: Address Resolution Protocol (ARP), RARP, ICMP, IGMP, User Datagram Protocol, Transmission Control Protocol etc. In particular, the 135 page exposition of the transmission control protocol is a masterstroke. Application level protocols such as DNS, NFS, FTP, SMTP are discussed at length. TCP/IP Illustrated is Unix-centric. Given that the roots of TCP/IP are in Unix, every serious appreciation of the protocol requires at least a basic understanding of Unix philosophy. This book is a masterpiece of technical writing in Computer Science. Do not be mislead by the one negative review of this book on the spurious grounds that it is outdated. The TCP/IP protocol has not changed since the publication of this book in 1994. I have two copies of this book and will probably buy a third copy. I very, very highly recommend TCP/IP Illustrated Volume I.

This book has very well detailed TCP/IP information, unfortunately some of the information is outdated. The book is easy to follow, and would make an even better learning tool if updated. I bought the book since it was required reading for a class, but I would opt out for a younger publishing on this topic if I had a choice.

Thick Oracle book which is intended for developers who might need to understand the Oracle internals and administration parts besides writing SQL. It's useful for them working in other database also as the general database concept is simlar. Developers can now have more DBA knowledges after reading before on-going performing some DBA task.

Gr8 stuff for all the Oracle ppl.

A true masterpiece, and a great way to learn Oracle concepts. No more to say.

I have been an Oracle DBA for about six years and this book is still the one I turn to when looking for deeper insight into tough Oracle problems. The author recently published a new book on 9i and 10g and that one is also quite excellent. When it comes to analysis and clear writing style, no one can beat Tom Kyte for excellence. Highly recommended.

I bought this book on cheap clearance after the original publisher went out of business -- the best $12 I ever invested. Remembering even 10% of this book makes you better than 90% of Oracle developers, modelers and architects. Mr. Kyte's real world experience and reliance on solid examples instead of folklore makes this light-years ahead of any other Oracle book; it's the only Oracle book I re-read regularly. If you can afford only one Oracle book, this is it. And you may not need any other.

My only issue is that the book doesn't address how to use google analytics more. He gives a lot of suggestions, but there isn't enough guidance in actually how to use GA to pull the data he recommends.

This book is fantastic. Not only does it cover everything, but it does it in a simple way, an hour a day!

I reckon once you have finished this book you will be a head of the majority.

Must get for analytics.

This book is amazing. If you think you knew everything or are in an analysis slump, just flip through this book and you'll find something new to analyze.

I have used Web Side Story...moved to Omniture....also work with Google Analytics.....This book does a good job of getting away from the mountains of data, to provide a clear cut "THINK ABOUT WHAT THE ANALYTICS MEAN" on a business basis- definitely worth the time investment.

Technologies evolve, but the PROCESS by which we should collect and analyze online data in order to gain solid, actionable insights will remain constant for the foreseeable future.

I have been fortunate enough to work with some of the smartest online marketers in the business, and, to say the very least, most of these people -- especially those in the analytics community -- seem content to share their expertise in the most confusing and theoretical manner possible. But not Avinash Kaushik. And in "An Hour a Day," Avinash proves why he is the world's most trusted name in analytics: he brings us up to his level without unnecessary jargon, so we can actually understand how to do this stuff!

Without question, this book is required reading for ANY online marketer, business owner, or anyone currently outsourcing their web analytics. (Warning: You may become better at this than the people you're paying to do it for you!)

Have a website you're not properly tracking? You're not alone! Less than a third of e-commerce and B2B sites have sufficient web analytics tracking -- let alone a process by which to glean insight from it -- and it's not the technology's fault. The problem is that most people don't understand the VALUE and NECESSITY of web analytics. They don't realize it's the difference between sink or swim. For most organizations, web analytics is an afterthought; something pawned off to those with technical knowledge when it should really be understood by those who need to use this data to make serious business decisions. Well, folks, those days are over. If all you know about your site is how many page views, uniques, or (*yikes*) "hits" it's getting, you're in much worse shape than you currently realize, simply because you have no idea how much money and attention you're missing out on if you have no clear goals in mind or a system by which to quantify it.

If you're not measuring it properly, how can you ever claim to have an online strategy that's working? How else will you know how successful your campaign is? How else will you know which elements to test and optimize?

Whether you're a beginner or you know just enough about web analytics to be dangerous, you should absolutely buy this book today. The book pays for itself a hundred fold in the very first hour of the very first day.

I recently purchased this book based on the rave reviews even with an updated second edition off the press. I can honestly say that this book is Awesome in detail and explanation and is still extremely relevant to understanding the how too's and processes involved in routing tcp/ip. The most amazing feature about this book is how well explained and the book makes topics that would normally seem dificult or confusing easily understood, in other words grandma could learn how routing tcp/ip works from reading this book!

Brandon, Rome, GA

Great book for understanding IGP in details.

If any book was ever considered as the MUST HAVE BIBLE for Interior Routing Protocols - then Jeff Doyle's first effort on IGPs is THE book (how many cliché's do you want in one sentence)!! The book goes through at a very even pace - dissecting and describing the majority of both open-standard IGPs (OSPF, RIP and a little on ISIS) and Cisco-proprietary IGPs (IGRP and it's beefier brother - EIGRP). The book also includes some invaluable appendixes - including tutorials on working with Binary and hex.

But let's focus on the book's main reason for being - explaining IGPs. Take for instance OSPF - one of the most popular and widely implemented routing protocols in use today. On page 416-417, the book correctly discusses virtual links as a type of network type. The OSPF chapter typically employs 5-8 routers (and shows the required configs). Such a daunting exercise may at first seem like overkill, but Doyle is able to show how (and why) the all these router configs are necessary (to show, for instance, how they interact with or whether a DR or BDR). The book does have it's typos though, as the table on page 484 incorrectly documents stub networks as allowing type 5 and 7 LSAs (not so - thus a stub!)

I cannot imagine there are many CCIEs out there that do not have this book on their bookshelf.

I give this book 5 pings out of 5:
!!!!!

I am reviewing Routing TCP/IP Volume 1 (ISBN 1578700418), part of the CCIE Professional Development Series from Cisco Press. This book is widely regarded as part of the "Holy Trinity" of CCIE preparatory books. In addition to CCIE prep, it is also highly valued as an essential desk reference for anyone pursuing a career as a senior-level routing engineer. The author, Jeff Doyle, having written the two most recognized tomes on IP Routing, is a respected authority on the topic. His writing style is very clear and not at all difficult to read, which sets him apart from a lot of the authors in the "high-end routing book" category.

The book is part of a set of two books. TCP/IP Volume 1 contains coverage of the major interior routing protocols (RIP, IGRP, EIGRP, OSPF & ISIS) and follows it with coverage of route redistribution, filtering and mapping. TCP/IP Volume 2 covers the BGP exterior gateway protocol and follows it with coverage of advanced IP routing issues. As someone who's come up through the CCNA-to-CCNP-to-CCIE-candidate path, I recognized all of the topics from the BSCI curriculum. All this book really does is takes them to another level of depth. I highly recommend this path of coming at the CCIE, because unless you've done it all and seen it all, there's way too much information to take in during a single reading. Reading the BSCI book first gets you familiar with all of the topics, so that you're not overwhelmed when reading the Doyle books.

While many pan this book as being outdated since it was written in 1998, my contention is that all of the covered topics are still fair game for the CCIE qualifying written exam and the book still retains all of its original value. There are a lot of topics which are on the test which are not in Doyle's books, but if you look at the CCIE blueprint, the topics covered in the books map exactly to the topics in the IP Routing & IP Multicast sections of the blueprint. You can't treat any book as being a one stop shop for CCIE preparation. That's impossible. The book would be the size of my desk. I would actually contend that, on the next rewrite, they should break the 2 volume set into 3 volumes, one for the interior protocols, one for BGP by itself, and one for all of the advanced routing issues and multicast. This would make the volumes a bit less daunting and also somewhat easier to carry.

But, carry-ability issues aside, this is a very good book. It takes all of the topics to the degree of depth which you would expect for a CCIE-level book and explains things in a way that doesn't lose the reader. I had to work to keep the examples straight in my head, but no one said becoming a CCIE was easy. On the downside, the book contains no disc. This is unfortunate, because I always like to have the book on PDF. Also, it would be nice to have the review questions and answers put into a question bank. The book is also missing the "Do I Know This Already" section for each chapter, which is present in all of Cisco Press' certification guides. I realize that this is probably due to the fact that this is more of a desk reference / learning book than an official certification guide. However, as someone who's studying for an exam, I always like as many free practice questions as I can get.

I give Routing TCP/IP Volume 1 a 5 on my 5 ping rating scale and look forward to reading Volume 2.
!!!!!

Routing TCP/IP Volume 1 by Jeff Doyle (ISBN 1578700418) is an advanced level book on the theory and practice of routing and its implementation in Cisco routers. The 1026-page book (with a 50+ page index - always an important part of any technical book) is packed with useful information, example network architectures, and sample commands and their corresponding outputs to help the reader get a thorough grasp of real-life application of the theory.

The book is meant for working professionals in the network and routing field. Part I presents some basic routing theory along with the routing types - static and dynamic. This section, as in other books, is meant as a review for those seasoned engineers who have been working in the field for some time. It also helps to bring up to speed the other readers who may lack the necessary background. Part II contains the real substance of the book. It covers the interior routing protocols in detail including RIP 1 & 2, IGRP, EIGRP, OSPF, and IS-IS. The material presented in these chapters is definitely solid enough to give a detailed understanding of the subject matter and provide the necessary knowledge to allow one to troubleshoot the problems that creep up in maintaining networks running these routing protocols. Part III presents the issue relating to the optimization of networks running these routing protocols such as filtering and redistribution. Part IV consists of the appendices.

The most useful part of the book in my opinion is the examples and sample outputs. These really help the reader to understand the details on implementing the concepts presented in the book. Jeff presents a sample network architecture and uses that architecture to explain various aspects of the topic being discussed. For example, to illustrate various aspects of EIGRP routing and load balancing, a 5-router mesh architecture is presented followed by a detailed discussion of concepts such as succession, load sharing, route transitions and updates, etc. This approach really helps in understanding all aspects of a particular topic with concrete examples to relate to.

I took hold of this book not to help in preparing for the CCIE but to assist in the understanding of routing protocols that I use in my work life. As such, I can not comment on the applicability of this book to preparing for the CCIE exam but as for its application to real world scenarios, this book far exceeds any other on the topic of routing in the Cisco environment.

I am really impressed with the material presented in this book. The book is thorough and detailed in its coverage of interior routing protocols. Jeff Doyle is an expert in his field and this book proves it. On a scale of 1 to 5 with 5 being the highest, I give an enthusiastic 5 to Routing TCP/IP Volume 1 by Jeff Doyle. I can't wait to get my hands on Volume II.

Easily the most readible treatise on DB weblishing that I've seen, Greenspun's book covers all the bases without descending too far into geek speak.

Your VP will understand it, and your MIS manager will be able to use it for something.

My copy is dog-eared. You can get the book online; I still prefer dead trees in hand.

You can read the table of contents and get a feel for the book. But what is best is Greenspun's attitude.

I think his best comment is that the hard part is the design and the easy part is to "Write a couple of programs that parse the HTML forms and turn them into actual database transactions". (pg 172) And then he provides examples of doing just this.

But as I said, Greenspun has an attitude that is very refreshing.

Some of the specific technology described in this book is a little outdated now, but the core techniques live on.

Greenspun's writing is a delight to read, and the information he shares here will provide you with the foundational knowledge on which to build a wide variety of web applications.

Buy this book (or read the online version at philip.greenspun.com), follow the examples, and start building yourself (and others) great, content-filled, easy-to-use web sites.

Philip Greenspun is a rare find: a techie who knows how to communicate. He doesn't even limit himself to one media! While other books may take a schlolarly approach to building websites, Greenspun's story is told by someone who's rolled up his sleeves. As the reader, you get to view web-database design through Greenspun's eye for detail. All tech books should be this good.

This book focuses on the goals of Web site design rather than the nuts and bolts. Although the book contains specific code fragments, it is not a coding book. Rather it is a chronicle of Greenspun's experiences in setting up more than 50 Web sites over the years. This chronicle contains many hard-won lessons that will help prevent the reader from making similar mistakes.

Greenspun has an easy-to-read writing style and a wry sense of humor. (The book has no CD ROM attached to the inside back cover but a picture of a CD ROM with the international "No" symbol overprinted. All code an more is available from Greenspun's Web sites, as you would expect from a book about Web sites.) He also emphasizes esthetic choices and subscribes to a minimalist visual style, in the book and for Web sites, that enhance reading and make downloads as fast as possible.

Many networking books I read (or other books on similarly technical subjects) have a tendency to get bogged down in technical minutia that distracts from the big picture. Not so here. Cormer does an excellent job of getting all the important information out there and explains the common networking protocols, what goes into them, and what they do, without losing the reader. Do not think that this is a superficial view though - I've been in the field for several years now and still use it as a reference on occasion.

I purchased the book titled: Internetworking with TCP/IP Vol.1: Principles, Protocols, and Architecture (4th Edition)for a class. The book arrived ahead of schedule, marking the service amazon provided as second to none. Keep up the great work.

Look for the 5th edition of this same book.
4th edition is much older than the newer 5th edition.

I knew nothing about TCP/IP. As a result, I bought a book "learn TCP/IP in 24 hours" and trashed it after I bought this book, no more 24 hour books. I had no idea what routing is and were to start looking for documents on the internet. This book is scientific and puts it all together. Each chapter lists the RFC that he relied on so you know were the stuff came from. The book is not boring; the author is excellent in explaining ideas. He covers ICMP, GGP, OSPF, EGP, DHCP, DNS, BOOTP, ARP and more. I feel I have accomplished something big by reeading this book. If you are not a beginner in routing, then look at the RFCs they are the source.

Want to really, really, really know TCP-IP???

Read this book and you will know it cold.

Nutshell review - Another great book by Ed Skoudis. Covers all the popular attack vectors and a variety of possible defence techniques. A solid book from which further study and investigation can be undertaken. Management people should read this too.

Counter Hack Reloaded (CHR) is an excellent book for someone looking for a broad overview of computer/network security written in a very clear, logical, and even enjoyable manner.

After CHR's Introductory chapter, the reader is given an overview on Networking, Linux/Unix, and Windows. These three chapters give the reader enough to be able to understand the subsequent chapters which deal with specific phases of an attack. These phases are, Reconnaissance, Scanning, Gaining Access (with different chapters for different methods of gaining access,) Maintaining Access, and Covering Tracks. Throughout these chapters, CHR introduces the reader to the tools used by attackers; how they work, where to get them, and how to defend yourself against them (often by using the tools themselves.) Finally, CHR "puts it all together" with different scenarios of attacks. The scenarios show how attackers use different phases of an attack, and different tools, to penetrate a network/system. Throughout this chapter CHR highlights the mistakes the victims make in their networks/systems to allow the attacks to succeed.

CHR is exceptionally well written, especially for a technical subject. Explanations of complex topics are clear, simple and even entertaining. I would even go so far to say that it is a joy to read.

Overall, CHR is about core concepts. It's about understanding how attacks occur, and understanding why they can succeed. Only then can you have any hope in understanding how to go about defending yourself.

I'm technically not finished reading this book yet and probably never will be until they update it again and still it will be a good reference manual for several years anyway. Skoudis and Liston do have a way of making complex issues seem to make sense. I thank them for writing it and thank Amazon for making it available to me.

It was an easy read, as far as the writing itself. It wasn't too dry, but in some places there was too much information all at once. I've only read the first 350 pages or so, but I can say for sure that Chapter 6 should have been cut into 2 or 3 chapters. The sheer ammount of material covered in those 100 pages or so was too much to be taken all at once.

Most of the tools in this book are widely used and known, but the reason that this book is so interesting is that it describes how you can defend yourself from attacks with such tools.

Therefore this is a very good reference book.

I just finished going through the entire book line by line. I am extreemly new to Linux and security, and this book made it all very clear. I only wish I realized that there was a second edition out when I bought this one. Everything in this original edition was still completely correct and appropriate, three years later.

I'm a big fan of the Hacking Exposed style of writing. All offensive theory is backed up by command line examples, followed by defensive countermeasures. Hacking Exposed: Linux, 2nd Ed (HE:L2E) follows this tradition, updating the content of the first edition and adding 200 pages of new content. Although I reviewed the first edition in Sep 01, reading the second edition reminded me of the challenges posed by securely configuring and deploying Linux systems.

The best way to learn while reading HE:L2E is to try the sample commands. I also recommend visiting the links mentioned and installing many of the tools described by the authors. I found programs like raccess, nsat (ch. 3), sslsniff (ch. 7), nstx, and httptunnel (ch. 15) particularly interesting from an attacker's point of view. From a system administration standpoint, coverage of passlogd (ch. 2), lilo and grub (ch. 5), and X (ch. 6) were very helpful.

The authors share many novel ways to abuse Linux systems, but counter those exploits with little-known features or third-party tools. I never knew I could use bash's HISTCONTROL feature to selectively remove entries from shell history files. HE:L2E goes the extra mile to help secure your system, such as including sample C code in ch. 13 to allow one to compile TCP Wrappers support into one's own programs. Other clear, concise defensive measures were introduced in excellent chapters on keeping the kernel and packages current (appendix B) and pro-active security measures (ch. 2). The last appendix gives a short yet powerful description of the damage an intruder can perform, showing how he hid unauthorized programs and how those programs were discovered.

If you use Linux, you'll find HE:L2E indispensable. I even applied many of the tools and techniques to my FreeBSD system, showing that that good security advice can be a cross-platform endeavor.

The Hacking Exposed books have set the bar for this genre of security book. Hacking Linux Exposed - 2nd Edition doesn't fail in meeting that bar as well. If you've read Hacking Exposed - 4th Edition and think this book can't tell you anything you don't already know- think again. For those who administer Linux boxes this book provides an in-depth look at specific hacks and vulnerabilities unique to the Linux operating system and the accompanying fixes and workarounds to protect yourself. The book is overflowing with examples and sample commands that users can immediately put to use to better understand the risks and how to mitigate them. Hacking Exposed is a must-read for security- this book is a must-read for Linux security.

(...)

First, this book does _NOT_ have a installation walk through...YES!!!

You will not find another book this comprehensive in the length in HLE has accomplished. i found the book to be on point, and not overdrawn on any specific topic. The authors usage of gender is something of a mystery aswell. For the first 10 chapters or so the cracker is a woman, then in later chapters it becomes a man, then in even later chapters a woman, then back to a man :-).

i found the book to be very well written, it feels like a very good naration. There is only a few plugs of direct humor (1 about using word for the publisher, another about the shortest sentence using all letters) but these few are lightening.

Technically this book is sound. it does very good in keeping the basics of security alive through the book (chattr +i, only use what you need, upgrade, etc...). This is very helpful to a beginer for reinforced learning. The software packages it mentions for firewalls, logging, etc. are very nice and descriptive.

All around great book. BTW, did i mention that is does _NOT_ cover a Linux installation from CD/DVD? That alone should be enough to buy it.

When I first starting using Linux systems and putting them online I had NO idea what sort of grief I was in for. The reason for that grief: I had NO clue how to 'harden' a system or what that term even meant. By not knowing that I put up systems that were quickly exploited by script kiddies and SPAM houses looking for open relays to use for SPAM and for 'zombies' to use in Distributed Denial of Service (DDoS) attacks. I bought this book, read it, and haven't had those problems since. If you are going to do *anything* with Linux on the internet then GET THIS BOOK NOW. Unless, of course, you *want* to have your computers destroyed on a weekly basis...