Books to start the study of TCP/IP

Question

I'm 20 years old and have no knowledge in the world of information security! I'm currently studying engineering and I've recently found what work I want to do (pentesting or a career in fields like this). So reading various sites and forums, I've decided to start to study the basics of the communication service TCP/IP.

1. Is this the right or the most convenient beginning in this field?

I know the basic things of languages like c/c++ and I'm currently studying java.

2. What book I should buy?

Reading online I found numerous books about TCP/IP, currently I'm looking to choose this :

TCP/IP Illustrated: The Protocols v. 1

but I don't know what is the most appropriate for me. (I noted that most books are "old" (1994) it's that normal? and why?)

3. Am I late to choose a career in this field?

Hi malloc, unfortunately this type of question doesn't work here, as the answers are 1) it depends, 2) it depends and 3) it depends — Rory Alsop, Jun 30 '14 at 20:02
I wouldn't dive deep into TCP/IP until you've studied survey-level networking. I highly recommend the free [coursera](https://www.coursera.org/course/comnetworks) networking course and liked Kurose/Ross - Computer Networking (under $20 on amazon if you get used copy of the 5th edition (2009)). Also, if you are mostly interested in security stuff, but find networking basics a bit dry at first, then maybe look at the [Web Application Hacker's Handbook](http://mdsec.net/wahh/) for fun, quickly-applicable intro to security in web apps that often introduces some basics (mostly application layer). — dr jimbob, Jun 30 '14 at 21:06
Hi and thanks for the comment. I know it but I was in search of some foothold to start and also vague hints can help me! — malloc, Jun 30 '14 at 21:11

score 1 · Accepted Answer · answered Jun 30 '14 at 18:51

Knowing the building blocks for whatever you are trying to secure is always a place to start. If you want to secure networks, then knowing TCP/IP is a great place to start.
TCP/IP is an old standard. The foundational books are old. The one's you've linked are in my own library, and are considered to be some of the core texts on the subject. But, you need to choose the books and the material that are right for you. Pick one and try it out.
People change careers all the time, even late in life. I know guy who started off in chemical engineering, who is now in his late 30's and is jumping into IT Sec. Age doesn't mean anything, what you can do matters.

thanks for the support! I will follow your and drjimbob advice! — malloc, Jul 01 '14 at 09:30

score 0 · Answer 2 · answered Jun 30 '14 at 19:55

Building on Schroeder's solid advice, TCP/IP knowledge would not only be helpful to know for understanding network security, but also as the most likely attack vector in our increasingly networked world. Having a good foundation in this area can allow you to then build into knowledge of applications that are stacked on top of TCP/IP that may be vulnerable.

For example, you start with good understanding of the network requirements for a standard HTTP connection to a web server (which sits on the TCP/IP stack), and then build on the methods for securing IIS, or Apache, etc.

It sounds like you are very inquisitive (definitely a requirement for security enthusiasts) so I would venture that there are no 'bad' books you can read, although some may certainly give you more bang for the buck. I personally found the relevant portion's of the CCNA books to be very well written and informative. The goal is to learn as much as you can so that you can then apply those skills to further learning.

As for timing, not too late at all. If anything the need for security related positions would appear to be on the rise.

Good luck mate!

Books to start the study of TCP/IP

2 Answers2