I'm a CS student right now thinking about specializing in security. The problem I have, however, is that I don't know enough about security to know on which particular areas of security I want to focus. I only know enough to realize that it is in of itself a quite diverse field.<p>My question for all the security guys that hang around here is this: what books or blog should I start with if I want a general introduction to the field? I could just wait for the intro level course at my university, but I like to give myself a head start (especially on introductory courses) as I find that the repetition of teaching myself and being taught in class gives me a much more solid foundation in the material.
You're looking for this page on HN:<p><a href="http://news.ycombinator.com/user?id=tptacek" rel="nofollow">http://news.ycombinator.com/user?id=tptacek</a><p>Particularly the link that says "reading list."
I really liked the "Stealing the network" book series.
While it is fictional, the attacks are very realistic and there is much to learn from, even if its a bit outdated.<p>For me, understanding the attacker mindset is what makes a good security professional.
I enjoy listening to the Security Now podcast with Steve Gibson. He gives a great overview every week of the security issues/patches/exploits and also goes in depth into a variety of security related topics. His explanations are always easy to understand and interesting.<p><a href="http://www.grc.com/securitynow.htm" rel="nofollow">http://www.grc.com/securitynow.htm</a>