IT Security Cookbook

This book was written over ten years ago, when there was a lack of material on IT-Security available (e.g. SANS was just starting out). Some sections were never finished, and other are not out of date, but it is provided here for reference purposes.


  • Briefly discuss threat & risk analysis.
  • Provide a framework for deciding how tightly systems need to be secured (classification)
  • How to create security policies, processes, structure and responsibilities required in a security organisation.
  • Presentation of logical & physical security mechanisms.
  • Provide technical guidelines for UNIX, Firewalls, NT, Web, Win95, OLTP, Oracle, Sybase, Java, Office applications, Programming and TCP/IP Networks.


An interview with LinuxSecuity: