BN.com Gift Guide

Malware: Fighting Malicious Code

Paperback (Print)
Buy Used
Buy Used from BN.com
$38.23
(Save 41%)
Item is in good condition but packaging may have signs of shelf wear/aging or torn packaging.
Condition: Used – Good details
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 96%)
Other sellers (Paperback)
  • All (20) from $1.99   
  • New (8) from $36.22   
  • Used (12) from $1.99   

Overview

  • Reveals how attackers install malicious code and how they evade detection
  • Shows how you can defeat their schemes and keep your computers and network safe!
  • Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats
  • Explains how to handle today's threats, with an eye on handling the threats to come

"This is a truly outstanding book-enormous technical wealth and beautifully written."
—Warwick Ford

"Ed does it again, piercing the veil of mystery surrounding many of the more technical aspects of computer security!"
—Harlan Carvey, CISSP

"This book is entertaining and informative, while justifiably scaring you. Luckily it also tells you how to protect yourself, but makes you realize it's going to be a permanent spy-vs-spy struggle."
—Radia Perlman, Distinguished Engineer, Sun Microsystems

Keep control of your systems out of the hands of unknown attackers

Ignoring the threat of malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data-all without your knowledge! Written for computer pros and savvy home users by computer security expert Edward Skoudis, Malware: Fighting Malicious Code covers everything you need to know about malware, and how to defeat it!

This book devotes a full chapter to each type of malware-viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn. This book includes:

  • Solutions and examples that cover both UNIX® and Windows®
  • Practical, time-tested, real-world actions you can take to secure your systems
  • Instructions for building your own inexpensive malware code analysis lab so you can get familiar with attack and defensive tools harmlessly!

Malware: Fighting Malicious Code is intended for system administrators, network personnel, security personnel, savvy home computer users, and anyone else interested in keeping their systems safe from attackers.

Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
Viruses. Worms. Backdoors. Trojan horses. Rootkits. Malicious mobile code. Hybrids. And worse. There’s a word for all this garbage: malware. It’s proliferating faster than sysadmins can keep up with it -- and most security books give it only a chapter or two. That’s not nearly enough. What you need is Malware: Fighting Malicious Code.

Author Ed Skoudis is one of the world’s top IT security consultants, and author of the classic Counter Hack, a series of hacking scenarios that offer an insider’s view of system security. Counter Hack’s malware scenarios were enormously popular: now, he’s written an entire book on the subject.

Though you’ll find plenty of scenarios here, Malware is by no means limited to them. You’ll learn how attackers install malware and evade detection. How to secure systems against malware up-front, and how to respond to any malware that slips through. You’ll even learn how to build your own low-cost experimental, isolated mini-network for analyzing malware -- so you can be ready when someone tries to unleash it on you.

Skoudis begins with a high-level look at the common techniques used to infect unwitting systems (for instance, exploiting mixtures of data and executable code). Next, he assesses the current nature of the virus threat, innovative strategies that break through conventional defenses, and what you can do about it (not just antivirus software, but also configuration hardening).

He then shows how worms can attack hundreds of thousands of systems in just hours, and discusses the latest research on the subject. You’ll find a full chapter on mobile code delivered across the Web and email. Skoudis presents in-depth coverage of the latest backdoors (including Netcat and VNC), showing how attackers bypass security to gain control.

Then, it’s on to Trojan horses: programs that appear to have some useful purpose but actually mask hidden malicious code. (When a cracker names their Trojan after an essential Windows system process, Windows runs it without checking to see if its content is valid -- and it won’t let you kill the process through Task Manager. Skoudis points you to a third-party utility that will.)

This book contains one of the best discussions of rootkits ever written: user-level rootkits that replace executables like ls or winlogon.exe with cracked versions, and kernel-level rootkits that modify the heart of your operating system itself.

Next, he turns to the state-of-the-art -- and the future. You’ll learn about combination attacks that draw on many of the aforementioned techniques -- as well as new BIOS and CPU attacks aimed at your hardware itself.

As Skoudis puts it, “to be a solid security person, you need to be ready to operate in both a Windows and a UNIX environment, as most organizations have some mix [of them]. If you are prepared for attacks against both types of systems, your defenses will be far better, and you will be more valuable to your employer.” Accordingly, several of the book’s chapters are split in half, with Windows and UNIX/Linux attack variants each covered in detail.

If you’re involved with security, you already know something about passwords, firewalls, and intrusion detection. Now it’s equally urgent for you to know about malware. Get this book, and you will. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.

Read More Show Less

Product Details

Meet the Author

ED SKOUDIS is a computer security consultant with International Network Services. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed secure network architectures, and responded to computer attacks. A frequent speaker on issues associated with hacker tools and effective defenses, Ed has published several articles, as well as the highly acclaimed Counter Attack: A Step-by-Step Guide to Computer Attacks and Effective Defenses (Prentice Hall PTR, 2001).

Read More Show Less

Table of Contents

Foreword.

Acknowledgments.

1. Introduction.

Defining the Problem. Why Is Malicious Code So Prevalent? Types of Malicious Code. Malicious Code History. Why This Book? What To Expect. References.

2. Viruses.

The Early History of Computer Viruses. Infection Mechanisms and Targets. Virus Propagation Mechanisms. Defending against Viruses. Malware Self-Preservation Techniques. Conclusions. Summary. References.

3. Worms.

Why Worms? A Brief History of Worms. Worm Components. Impediments to Worm Spread. The Coming Super Worms. Bigger Isn't Always Better: The Un-Super Worm. Worm Defenses. Conclusions. Summary. References.

4. Malicious Mobile Code.

Browser Scripts. ActiveX Controls. Java Applets. Mobile Code in E-Mail Clients. Distributed Applications and Mobile Code. Additional Defenses against Malicious Mobile Code. Conclusions. Summary. References.

5. Backdoors.

Different Kinds of Backdoor Access. Installing Backdoors. Starting Backdoors Automatically. All-Purpose Network Connection Gadget: Netcat. Network Computing. Backdoors without Ports. Conclusions. Summary. References.

6. Trojan Horses.

What's in a Name? Wrap Stars. Trojaning Software Distribution Sites. Poisoning the Source. Co-opting a Browser: Setiri. Hiding Data in Executables: Stego and Polymorphism. Conclusions. Summary. References.

7. User-Mode RootKits.

UNIX User-mode RootKits. Windows User-Mode RootKits. Conclusions. Summary. References.

8. Kernel-Mode RootKits.

What Is the Kernel? Kernel Manipulation Impact. The Linux Kernel. The Windows Kernel. Conclusions. Summary. References.

9. Going Deeper.

Setting the Stage: Different Layers of Malware. Going Deeper: The Possibility of BIOS and Malware Microcode. Combo Malware. Conclusions. Summary. References.

10. Scenarios.

Scenario 1: A Fly in the Ointment. Scenario 2: Invasion of the Kernel Snatchers. Scenario 3: Silence of the Worms. Conclusions. Summary.

11. Malware Analysis.

Building a Malware Analysis Laboratory. Malware Analysis Process. Conclusion. Summary. References.

12. Conclusion.

Useful Web Sites for Keeping Up. Parting Thoughts.

Index.

Read More Show Less

Preface

Foreword

Several years ago I attended a special conference on intrusion detection in McLean, Virginia. Each attendee was assigned to one of four teams charged with assessing the state of the art and making recommendations for future research in various areas related to intrusion detection. At the end, a representative from each team presented the output of that team's work to all attendees. Although each team's report was very interesting and worthwhile, the malicious code team's assessment of progress in that area particularly caught my attention. This team's conclusion was that not much genuine progress in characterizing and identifying malicious code had been made over the years. Given that viruses have been in existence for at least two decades and that all kinds of malicious code has been written and deployed "in the wild," it would not at all have been unexpected to hear that great strides in understanding malicious code have occurred to the point that sophisticated programs can now accurately and efficiently identify almost every instance of malicious code. But such was not the case. Some researchers who were not at the conference would undoubtedly disagree with the malicious code team's assessment, but I am confident that they would be in the minority. A considerable amount of work to better identify and deal with malware is underway, but genuine progress in understanding and detecting malware has indeed been frustratingly slow.

The irony of it all is that today's computing world is saturated with malware. Viruses and worms are so prevalent that newspaper, magazine, and television accounts of the "latest and greatest" virus or worm are now commonplace. Even young computer users typically understand basically what a virus is and why viruses are undesirable. "Create your own virus" toolkits have been available for years. Public "hacker tool" sites, relatively rare ten years ago, are now prevalent on the Internet. Going to a "hacker tool" site to obtain malware is not, however, necessary for someone to obtain malware. In August 2002, the Computer Emergency Response Team Coordination Center (CERT/CC) reported that a perpetrator had modified copies of the source code for OpenSSH such that they contained Trojan horse routines. Unsuspecting users went to the OpenSSH site and mirror sites to download OpenSSH in the expectation that they would be tightening security by encrypting network traffic between hosts. Instead, they introduced routines within the OpenSSH source that allowed attackers to gain remote control of their systems. And even Ed Skoudis, one of the few people in the world who can identify virtually every type of attack and also the author of this book, Malware: Fighting Malicious Code, reports in the first chapter that he found several Trojan horse programs that performed brute force password cracking in one of his systems. Malware is not a rarity; it is prevalent, and the problem is getting worse.

Malware does not exist in a vacuum--it cannot magically infuse itself into systems and network devices. Just as biological parasites generally exploit one or more weaknesses in the host, malware requires special conditions if it is to execute and then produce the intended results. Today's computing world, fortunately for the authors of malware but unfortunately for the user community, provides a nearly ideal environment. Why? Primarily, it is because of the many vulnerabilities in software that is commonly used today. Too many software vendors typically rush the software development process in an attempt to cut development costs and to get a competitive edge for their software products, thereby maximizing profits. The code they produce is often not carefully designed, implemented, or adequately tested. The result is bug-riddled software--software that behaves abnormally or, worse yet, causes the system on which it runs to behave abnormally, in many cases allowing perpetrators a chance to execute malware that exploits abnormal conditions and/or install more malware that does what perpetrators need it to do (such as capture keyboard output). With virtually no government regulation of the software industry and a user community that naively continues to purchase and use bug-riddled software and too often fails to patch the bugs that are discovered in it, malware truly has a "target rich" environment in which it can flourish.

Worse yet, a major change in the usability of cracking utilities has transpired. Not all that long ago, anyone who obtained a copy of a cracking utility usually had to struggle to learn how to use it. Most of the user interfaces were command line interfaces with a cryptic syntax that often only the author of a particular tool could master. Help facilities in these utilities was virtually unheard of. The result was difficult or impossible to use tools, tools that could be used by only "the few, the proud." The level of security-related threat was thus not really very high. The usability of cracking utilities has, however, improved substantially over time. A large number of tools are now so easy to use that they are often sarcastically called kiddie scripts. All a would-be attacker needs to do with such tools is download them, enter a little information (such as an answer to "What IP address do you want to attack?"), move a pointer to Go and then click a mouse button. The emergence of kiddie scripts has had much of the same effect that guns had centuries ago. Before guns were widely used in battle, a large individual, all things considered, had a huge advantage over a small individual. The gun became the "great equalizer." Kiddie scripts likewise are a great equalizer, although in a somewhat different sense. Someone who uses a kiddie script may not be able to do all the things that a very experienced attacker might be able to do, but the inexperienced person might at least be able to do many or most of these things.

The types of motivation to deploy malware are also eye opening. Traditional "hackers" are now only a part of the potential force of cyber world adversaries. Organized crime has moved into the computing arena, looking for opportunities such as making unauthorized funds transfers. Industrial espionage agents, disgruntled or greedy insiders, "information warfare" specialists within the military and government arenas, jilted lovers, sexual predators, identity thieves, and even cyber terrorists are among the many categories of individuals who are likely to use malware to breach security in systems and networks. Computer security professionals are taught that attacks are the by-products of capabilities, means, and opportunity. Malware translates to capabilities. The opportunities are truly mind-boggling when one considers just how diverse computing environments are today and how many different types of people can potentially obtain access to systems and networks.

All is not lost, however. The war against malware has at least a few bright sports. Anti-virus software is widely available today, for example, and, if it is updated regularly, it is effective in detecting and eradicating quite a few types of malware, especially (but not limited to) viruses and worms on Windows and Macintosh systems. The success of antivirus software represents some degree of victory in the war against malware. But the overwhelming majority of this type of software is pretty simplistic, as you'll see in Chapter 2 of this book, and, worse yet, there are many users who still do not run antivirus software on their Windows and Macintosh systems, or if they do, they may fail to update it as necessary. Other kinds of malware detection and eradication software have been developed, as covered in various chapters throughout this book, but once again the lack of deployment (often by organizations that need this type of software the most) is a major limitation with this type of software.

The problem of the existence of many types of malware and the fact that malware seems to become increasingly sophisticated so quickly has created a huge gap between malware as we know it and our capabilities of dealing with it. If we are ever going to reduce the size of this gap, we need to leap ahead instead of taking minute steps in understanding and dealing with malicious code. The availability of a detailed, comprehensive work on the types of malware that exist, how they work, and how to defend against them would be one of the best catalysts for such a leap. Malware: Fighting Malicious Code is such a work. Ed Skoudis presents the necessary groundwork for understanding malware in Chapter 1 with a neat little taxonomy, then proceeds to cover each major type of malicious code--viruses, worms, malicious mobile code, backdoors, Trojan horses, user-mode rootkits, kernel rootkits, and deeper levels of malicious code and hybrid malware, in the subsequent chapters. He then presents scenarios in which malicious code has been planted in systems and concludes with how to safely and effectively analyze potential and real malware. My favorite chapter is chapter eight (on kernel-mode rootkits) because Ed takes a topic in which there is at best scattered knowledge and puts it together into a highly detailed and comprehensible framework. I must admit that I was the most uncomfortable after reading this particular chapter, too, because I for the first time realized just how many clever ways there are to subvert kernels. I poked around one of my own Linux systems afterwards to try the things that Ed covered in an attempt to assure myself that the system had not been subverted at the kernel layer. I found that after reading this chapter, I was able to do this surprisingly well for someone who spends most of his time dealing with Windows, not Linux systems. Chapter 10 (on scenarios), applies what Ed has covered in the first nine chapters. Scenarios and case studies are the best way to "bring concepts home," and Ed has done that in a very nice way in the scenarios chapter. It is always interesting to learn about malicious code, but if you do not know what to do about it when you are through reading, you really haven't benefited. This whole book establishes that effective, proven, and workable solutions against this threat are available and describes in great detail how these solutions can be implemented.

I have never seen such a group of issues of the nature of the ones covered in Malware: Fighting Malicious Code so clearly and systematically presented. Ed is a top-rated SANS faculty member, and if you have any doubt that he can write as well as he can lecture, reading this book should completely remove it. His ability to present all the relevant technical details so understandably but without diluting the technical content is one that few authors have. His frequent injection of humorous statements is "topping on the cake," keeping the interest level high no matter how technical the subject matter. I keep thinking about how much more students who have taken various computer security courses from me over the years would have gotten out of these courses had this book been available earlier.

--E. Eugene Schultz, Ph.D., CISSP, CISM

Read More Show Less

Introduction

Foreword

Several years ago I attended a special conference on intrusion detection in McLean, Virginia. Each attendee was assigned to one of four teams charged with assessing the state of the art and making recommendations for future research in various areas related to intrusion detection. At the end, a representative from each team presented the output of that team's work to all attendees. Although each team's report was very interesting and worthwhile, the malicious code team's assessment of progress in that area particularly caught my attention. This team's conclusion was that not much genuine progress in characterizing and identifying malicious code had been made over the years. Given that viruses have been in existence for at least two decades and that all kinds of malicious code has been written and deployed "in the wild," it would not at all have been unexpected to hear that great strides in understanding malicious code have occurred to the point that sophisticated programs can now accurately and efficiently identify almost every instance of malicious code. But such was not the case. Some researchers who were not at the conference would undoubtedly disagree with the malicious code team's assessment, but I am confident that they would be in the minority. A considerable amount of work to better identify and deal with malware is underway, but genuine progress in understanding and detecting malware has indeed been frustratingly slow.

The irony of it all is that today's computing world is saturated with malware. Viruses and worms are so prevalent that newspaper, magazine, and television accounts of the "latest and greatest" virus or worm are nowcommonplace. Even young computer users typically understand basically what a virus is and why viruses are undesirable. "Create your own virus" toolkits have been available for years. Public "hacker tool" sites, relatively rare ten years ago, are now prevalent on the Internet. Going to a "hacker tool" site to obtain malware is not, however, necessary for someone to obtain malware. In August 2002, the Computer Emergency Response Team Coordination Center (CERT/CC) reported that a perpetrator had modified copies of the source code for OpenSSH such that they contained Trojan horse routines. Unsuspecting users went to the OpenSSH site and mirror sites to download OpenSSH in the expectation that they would be tightening security by encrypting network traffic between hosts. Instead, they introduced routines within the OpenSSH source that allowed attackers to gain remote control of their systems. And even Ed Skoudis, one of the few people in the world who can identify virtually every type of attack and also the author of this book, Malware: Fighting Malicious Code, reports in the first chapter that he found several Trojan horse programs that performed brute force password cracking in one of his systems. Malware is not a rarity; it is prevalent, and the problem is getting worse.

Malware does not exist in a vacuum--it cannot magically infuse itself into systems and network devices. Just as biological parasites generally exploit one or more weaknesses in the host, malware requires special conditions if it is to execute and then produce the intended results. Today's computing world, fortunately for the authors of malware but unfortunately for the user community, provides a nearly ideal environment. Why? Primarily, it is because of the many vulnerabilities in software that is commonly used today. Too many software vendors typically rush the software development process in an attempt to cut development costs and to get a competitive edge for their software products, thereby maximizing profits. The code they produce is often not carefully designed, implemented, or adequately tested. The result is bug-riddled software--software that behaves abnormally or, worse yet, causes the system on which it runs to behave abnormally, in many cases allowing perpetrators a chance to execute malware that exploits abnormal conditions and/or install more malware that does what perpetrators need it to do (such as capture keyboard output). With virtually no government regulation of the software industry and a user community that naively continues to purchase and use bug-riddled software and too often fails to patch the bugs that are discovered in it, malware truly has a "target rich" environment in which it can flourish.

Worse yet, a major change in the usability of cracking utilities has transpired. Not all that long ago, anyone who obtained a copy of a cracking utility usually had to struggle to learn how to use it. Most of the user interfaces were command line interfaces with a cryptic syntax that often only the author of a particular tool could master. Help facilities in these utilities was virtually unheard of. The result was difficult or impossible to use tools, tools that could be used by only "the few, the proud." The level of security-related threat was thus not really very high. The usability of cracking utilities has, however, improved substantially over time. A large number of tools are now so easy to use that they are often sarcastically called kiddie scripts. All a would-be attacker needs to do with such tools is download them, enter a little information (such as an answer to "What IP address do you want to attack?"), move a pointer to Go and then click a mouse button. The emergence of kiddie scripts has had much of the same effect that guns had centuries ago. Before guns were widely used in battle, a large individual, all things considered, had a huge advantage over a small individual. The gun became the "great equalizer." Kiddie scripts likewise are a great equalizer, although in a somewhat different sense. Someone who uses a kiddie script may not be able to do all the things that a very experienced attacker might be able to do, but the inexperienced person might at least be able to do many or most of these things.

The types of motivation to deploy malware are also eye opening. Traditional "hackers" are now only a part of the potential force of cyber world adversaries. Organized crime has moved into the computing arena, looking for opportunities such as making unauthorized funds transfers. Industrial espionage agents, disgruntled or greedy insiders, "information warfare" specialists within the military and government arenas, jilted lovers, sexual predators, identity thieves, and even cyber terrorists are among the many categories of individuals who are likely to use malware to breach security in systems and networks. Computer security professionals are taught that attacks are the by-products of capabilities, means, and opportunity. Malware translates to capabilities. The opportunities are truly mind-boggling when one considers just how diverse computing environments are today and how many different types of people can potentially obtain access to systems and networks.

All is not lost, however. The war against malware has at least a few bright sports. Anti-virus software is widely available today, for example, and, if it is updated regularly, it is effective in detecting and eradicating quite a few types of malware, especially (but not limited to) viruses and worms on Windows and Macintosh systems. The success of antivirus software represents some degree of victory in the war against malware. But the overwhelming majority of this type of software is pretty simplistic, as you'll see in Chapter 2 of this book, and, worse yet, there are many users who still do not run antivirus software on their Windows and Macintosh systems, or if they do, they may fail to update it as necessary. Other kinds of malware detection and eradication software have been developed, as covered in various chapters throughout this book, but once again the lack of deployment (often by organizations that need this type of software the most) is a major limitation with this type of software.

The problem of the existence of many types of malware and the fact that malware seems to become increasingly sophisticated so quickly has created a huge gap between malware as we know it and our capabilities of dealing with it. If we are ever going to reduce the size of this gap, we need to leap ahead instead of taking minute steps in understanding and dealing with malicious code. The availability of a detailed, comprehensive work on the types of malware that exist, how they work, and how to defend against them would be one of the best catalysts for such a leap. Malware: Fighting Malicious Code is such a work. Ed Skoudis presents the necessary groundwork for understanding malware in Chapter 1 with a neat little taxonomy, then proceeds to cover each major type of malicious code--viruses, worms, malicious mobile code, backdoors, Trojan horses, user-mode rootkits, kernel rootkits, and deeper levels of malicious code and hybrid malware, in the subsequent chapters. He then presents scenarios in which malicious code has been planted in systems and concludes with how to safely and effectively analyze potential and real malware. My favorite chapter is chapter eight (on kernel-mode rootkits) because Ed takes a topic in which there is at best scattered knowledge and puts it together into a highly detailed and comprehensible framework. I must admit that I was the most uncomfortable after reading this particular chapter, too, because I for the first time realized just how many clever ways there are to subvert kernels. I poked around one of my own Linux systems afterwards to try the things that Ed covered in an attempt to assure myself that the system had not been subverted at the kernel layer. I found that after reading this chapter, I was able to do this surprisingly well for someone who spends most of his time dealing with Windows, not Linux systems. Chapter 10 (on scenarios), applies what Ed has covered in the first nine chapters. Scenarios and case studies are the best way to "bring concepts home," and Ed has done that in a very nice way in the scenarios chapter. It is always interesting to learn about malicious code, but if you do not know what to do about it when you are through reading, you really haven't benefited. This whole book establishes that effective, proven, and workable solutions against this threat are available and describes in great detail how these solutions can be implemented.

I have never seen such a group of issues of the nature of the ones covered in Malware: Fighting Malicious Code so clearly and systematically presented. Ed is a top-rated SANS faculty member, and if you have any doubt that he can write as well as he can lecture, reading this book should completely remove it. His ability to present all the relevant technical details so understandably but without diluting the technical content is one that few authors have. His frequent injection of humorous statements is "topping on the cake," keeping the interest level high no matter how technical the subject matter. I keep thinking about how much more students who have taken various computer security courses from me over the years would have gotten out of these courses had this book been available earlier.

--E. Eugene Schultz, Ph.D., CISSP, CISM

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted December 13, 2003

    Levels the Playing Field

    Utterly fascinating. It comprehensively surveys the field of malware. It clearly explains viruses, worms and Trojans. Plus, given the universal prevalence of browsers on computers these days, careful attention is given to infiltrations via buggy browsers. The authors write in an easy to follow style, aimed at the programmer. Though if you are not such, but know the rudiments of computers as a user, you can follow most of the discussion. If you have ever wondered at the brief explanations of viruses or worms that appear in the general media, or even in the technical magazines, then this is an instructive book. For example, you have probably heard of 'buffer overflows'. But due to the constraints of space or audience type, the explanations left you unsatisfied. Turn instead here. Some of you may look with askance upon this book. After all, haven't the authors just written a HowTo for new malware wretches? Strictly, perhaps so. But before you berate the authors, consider this. The top malware writers probably devote the bulk of their intellectual creativity to malware. But if you want to guard against it, and you are a programmer or sysadmin, typically this is not your only responsibility. Without a book like this, it is much harder to come up to speed. You then face a very unlevel playing field. The only strange thing about this book is that there should be more like it, at its level of detail. If you survey the field of computer books, it can seem like there are multiple books on most topics, not matter how obscure. But on THIS topic, which is of broad, pervasive import to most users, there exists little. Until now.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)