A must-have security book?

[Katja]

Okay, simple. Can someone provide the title (and preferably an URL) to a book about computer security that any security specialist must have in their library. And yes, I mean paper books, no PDFs... Something that would look good on my bookshelf and might also be very educational.
A link to Amazon or other online bookstore would be real welcome.

I am talking about security in general, btw. Tips and tricks to keep your compuer safe, for example. Or website security. Can be Linux-related, Mac-related, Windows-related or just generic. Anything useful.

Who knows a good title? (Please post only one title.)

[whatthe]

A link to Amazon or other online bookstore would be real welcome.

Huh. Don't they have google where you are? Amazon shouldn't be too hard to find.

Hacking Exposed has some good stuff.

[Katja]

Oh, I can use Google. But there's a lot of choice in books and I wonder what some of the experts here would advise me as good reading material. An Amazon link would be useful since it contains lots of information about the book. (Price, contents and opinions from other readers.) It's more about opinions than "but-this-book" advise.

[AngelicKnight]

I'm a big fan of Kevin Mitnick's The Art of Deception. It won't teach you a lick of anything technical, but it will give you a good peek into what the world of social engineering looks like, which is must-have knowledge for any security professional. You can have all the tech savvy in the world and still be p0wned in no time flat if a good social engineer comes your way.

[mathgirl32]

Not sure it's a *must have* book...but I have Malicious Mobile Code - an O'Reilly book. It's a little dated (2001) but still gives a comprehensive view - looking at more than the just the basics.

[Relyt]

IMHO - You absolutely cannot be serious about linux security unless you have:

"Real World Linux Security" by Bob Toxen

Cheers

[Aspman]

Network security assessment - Oreilly

Secrets & Lies - Bruce Schneier

Copy of BS7799 or ISO17799