I got into writing in a classic "right place, right time" situation. In the 96-99 timeframe, I was very active on the Microsoft Trainer Newsgroups, however I had already shifted into doing a lot more Cisco/network related stuff and I suppose I became known as a bit of a goto guy when folks had networking related questions. A lady by the name of Roberta Bragg had really made a reputation as being on the forefront of Microsoft security related issues and had really become a security evangelist. She was writing a CISSP Study guide and when it came to the chapter on network and telecommunications security, she contacted me and asked if I would be interested in writing that chapter. I jumped at the opportunity, and never looked back. I will be forever indebted to Roberta for the opportunity she afforded me, and all the good things that have come since then.

This page lists the books I have authored in some way (either as the principle, co- or a contributing author) or have otherwise worked on (typically as a technical editor of some fashion).

OK, so I guess when I said that Hardening Network Infrastructure was my crowning achievement, I didn't really take into account that I would be writing a book for Cisco Press. I kind of stumbled into this one as well. Originally I was asked to review the book proposal for this book that Brian Ford put together. For various reasons, Brian was having a hard time meeting some of the deadlines for the book and recommended that I work on a few chapters. Eventually he wound up not working on the book at all (though it was his idea and outline) and Ido and I worked on the book in it's entirety. While Hardening Network Infrastructure was a fun book to write because it was so technical, I think this is actually a better book for most readers because it is what the title implies. A good, solid foundation book that covers all of the fundamentals regarding what a firewall is (and is not), what a firewall does (and does not) and how a firewall can fit in your environment. One of the coolest things about this book is that, while it's Cisco Press and we absolutely cover Cisco PIX and ASA firewalls, we remained largely agnostic and also covered about a half dozen other firewalls ranging from personal firewalls, SOHO firewalls and even Microsoft ISA server.If you are looking to learn the basics around firewalls, this is the book for you.
I wrote a chapter (Chapter 6 as I recall) in this book on Cisco PIX and ASA firewalls.

This was another "oh yeah" projects. I was not an author on this book for a couple of reasons. One, I simply didn't have time. But second, I wasn't confident in how well I could do a hacking centric book. To bridge the gap, I decided to become a technical editor on it, and I couldn't be more pleased. I was able to really brush up on my hacking skills since I had to test everything the authors did and said, but I also really got a lot more confident in my abilities to write at this level. In fact, when revision 2 comes out, I'm ready!! This book is not yet published, but it's due out in summer 2005.

This book is was a collaborative effort with a lot of people. The primary reason is that the content was so far reaching. Where as Hardening Network Infrastructure is very technical and targeted to a highly technical audience, this book focused on the gory part of network security - the policies, procedures and recommendations. The target is a higher level audience (management, executives) but at the same time, technical folks get a tremendous value from understanding the thought process and decision making that happens above them. I wrote chapters 10 and 12, Hardening Data Transport Using Encryption and Hardening Wireless.

This is what I consider my crowning achievement. In fact, I dedicated a page to it here.

This was my first book, and I wrote Chapter 2: Telecommunications and Network Security. Personally, I think it went beyond the CISSP objectives to really be a good primer for networking and network security, in the vein of the old Network Essential and Cisco CCNA curriculum.