Malware: Fighting Malicious Code

Paperback
from $0.00

Author: Ed Skoudis

ISBN-10: 0131014056

ISBN-13: 9780131014053

Category: Security - Computer Networks

Reveals how attackers install malicious code and how they evade detection
Shows how you can defeat their schemes and keep your computers and network safe!
Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats
Explains how to handle today's threats, with an eye on handling the threats to come

"This is a truly outstanding book -- enormous technical wealth and beautifully written."
—Warwick Ford

"Ed does it again, piercing the veil of mystery surrounding many of the...

Intended for system administrators, this security guide characterizes the latest wave of malicious code attacks being used to invade commercial computer systems based on Windows and UNIX--worms, mobile code on the web, backdoors, Trojan horses, and kernel-mode rootkits--recommends defenses to protect systems against each type of attack, and provides instructions for building an experimental network to analyze malicious code and the associated defenses. Annotation ©2004 Book News, Inc., Portland, OR

Table of Contents

Foreword
Acknowledgments
Ch. 1 Introduction, p. 1
Ch. 2 Viruses, p. 25
Ch. 3 Worms, p. 71
Ch. 4 Malicious Mobile Code, p. 117
Ch. 5 Backdoors, p. 187
Ch. 6 Trojan Horses, p. 251
Ch. 7 User-Mode RootKits, p. 303
Ch. 8 Kernel-Mode RootKits, p. 379
Ch. 9 Going Deeper, p. 465
Ch. 10 Scenarios, p. 519
Ch. 11 Malware Analysis, p. 557
Ch. 12 Conclusion, p. 625
Index, p. 637

From Barnes & Noble
The Barnes & Noble Review

Viruses. Worms. Backdoors. Trojan horses. Rootkits. Malicious mobile code. Hybrids. And worse. There’s a word for all this garbage: malware. It’s proliferating faster than sysadmins can keep up with it -- and most security books give it only a chapter or two. That’s not nearly enough. What you need is Malware: Fighting Malicious Code.

Author Ed Skoudis is one of the world’s top IT security consultants, and author of the classic Counter Hack, a series of hacking scenarios that offer an insider’s view of system security. Counter Hack’s malware scenarios were enormously popular: now, he’s written an entire book on the subject.

Though you’ll find plenty of scenarios here, Malware is by no means limited to them. You’ll learn how attackers install malware and evade detection. How to secure systems against malware up-front, and how to respond to any malware that slips through. You’ll even learn how to build your own low-cost experimental, isolated mini-network for analyzing malware -- so you can be ready when someone tries to unleash it on you.

Skoudis begins with a high-level look at the common techniques used to infect unwitting systems (for instance, exploiting mixtures of data and executable code). Next, he assesses the current nature of the virus threat, innovative strategies that break through conventional defenses, and what you can do about it (not just antivirus software, but also configuration hardening).

He then shows how worms can attack hundreds of thousands of systems in just hours, and discusses the latest research on the subject. You’ll find a full chapter on mobile code delivered across the Web and email. Skoudis presents in-depth coverage of the latest backdoors (including Netcat and VNC), showing how attackers bypass security to gain control.

Then, it’s on to Trojan horses: programs that appear to have some useful purpose but actually mask hidden malicious code. (When a cracker names their Trojan after an essential Windows system process, Windows runs it without checking to see if its content is valid -- and it won’t let you kill the process through Task Manager. Skoudis points you to a third-party utility that will.)

This book contains one of the best discussions of rootkits ever written: user-level rootkits that replace executables like ls or winlogon.exe with cracked versions, and kernel-level rootkits that modify the heart of your operating system itself.

Next, he turns to the state-of-the-art -- and the future. You’ll learn about combination attacks that draw on many of the aforementioned techniques -- as well as new BIOS and CPU attacks aimed at your hardware itself.

As Skoudis puts it, “to be a solid security person, you need to be ready to operate in both a Windows and a UNIX environment, as most organizations have some mix [of them]. If you are prepared for attacks against both types of systems, your defenses will be far better, and you will be more valuable to your employer.” Accordingly, several of the book’s chapters are split in half, with Windows and UNIX/Linux attack variants each covered in detail.

If you’re involved with security, you already know something about passwords, firewalls, and intrusion detection. Now it’s equally urgent for you to know about malware. Get this book, and you will. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.