Anderson, Ross. “Why Cryptosystems Fail,” http://www.cl.cam.ac.uk
Anonymous. Maximum Linux Security: A Hacker’s Guide to Protecting Your Linux Server and Workstation, Indianapolis: SAMS, 1999. This is a detailed source of information on specific attacks. It includes links to attack code, signs of attack, and countermeasures.
Bach, Maurice J. Design of the Unix Operating System, Englewood Cliffs, N.J.: Prentice-Hall, 1986. Although it is showing its age and doesn’t include many new developments such as /proc or Linux, a forensic technician is well-advised to have as detailed an understanding of Unix internals as presented in this classic.
Boyle, Phillip. “Intrusion Detection FAQ,” http://www.sans.org/newlook/resources/IDFAQ/trinoo.htm ...