The Barnes & Noble Review
Viruses. Worms. Backdoors. Trojan horses. Rootkits. Malicious mobile code. Hybrids. And worse. There’s a word for all this garbage: malware. It’s proliferating faster than sysadmins can keep up with it -- and most security books give it only a chapter or two. That’s not nearly enough. What you need is Malware: Fighting Malicious Code.
Author Ed Skoudis is one of the world’s top IT security consultants and the author of the classic Counter Hack, which uses a series of hacking scenarios to offer an insider’s view of system security. Counter Hack’s malware scenarios were enormously popular; now he’s written an entire book on the subject.
Though you’ll find plenty of scenarios here, Malware is by no means limited to them. You’ll learn how attackers install malware and evade detection. How to secure systems against malware up-front, and how to respond to any malware that slips through. You’ll even learn how to build your own low-cost experimental, isolated mini-network for analyzing malware -- so you can be ready when someone tries to unleash it on you.
Skoudis begins with a high-level look at the common techniques used to infect unwitting systems (for instance, exploiting mixtures of data and executable code). Next, he assesses the current nature of the virus threat, innovative strategies that break through conventional defenses, and what you can do about it (not just antivirus software, but also configuration hardening).
He then shows how worms can attack hundreds of thousands of systems in just hours, and discusses the latest research on the subject. You’ll find a full chapter on mobile code delivered across the Web and email. Skoudis presents in-depth coverage of the latest backdoors (including ones built from everyday tools such as Netcat and VNC), showing how attackers bypass security to gain remote control.
Then, it’s on to Trojan horses: programs that appear to have some useful purpose but actually mask hidden malicious code. (When an attacker names a Trojan after an essential Windows system process, Windows runs it without checking that the executable really is that component -- and Task Manager won’t let you kill a process with that name. Skoudis points you to a third-party utility that will.)
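The practical defence against the naming trick above is to judge a process by where its image lives, not by what it is called: the genuine winlogon.exe runs from the Windows system directory, so a "winlogon.exe" running from a user's temp folder is the Trojan. The following is an added example, not code from the book or from the review. The process records are constructed, and the list of critical process names and the allowed system directory are illustrative assumptions (on 64-bit hosts you would also allow SysWOW64 for some of these names).

```python
"""Flag processes that borrow the name of a critical Windows system process
but do not run from the Windows system directory.

Added example (not from Skoudis's book). The records in SAMPLE_PROCESSES are
constructed; CRITICAL_NAMES and ALLOWED_DIRS are assumptions for illustration.
"""
import ntpath  # Windows path rules, usable on any platform for offline analysis

# Process names a Trojan is likely to borrow (assumed list).
CRITICAL_NAMES = {
    "winlogon.exe", "csrss.exe", "smss.exe",
    "lsass.exe", "services.exe", "svchost.exe",
}
# Directories the genuine binaries live in (assumption; add SysWOW64 on x64).
ALLOWED_DIRS = (r"C:\Windows\System32",)


def masquerade_findings(processes, critical=CRITICAL_NAMES, allowed_dirs=ALLOWED_DIRS):
    """Return [(pid, name, path, reason)] for each suspicious process.

    processes: iterable of (pid, image_name, image_path_or_None).
    A process is suspicious if its name is on the critical list and either
    its image path cannot be read or its directory is not an allowed one.
    Comparison is case-insensitive, as Windows filenames are.
    """
    allowed = {ntpath.normcase(d).rstrip("\\") for d in allowed_dirs}
    findings = []
    for pid, name, path in processes:
        if ntpath.normcase(name) not in critical:
            continue  # not a protected name, nothing to masquerade as
        if not path:
            # Could not read the image path: cannot prove it is genuine.
            findings.append((pid, name, path, "image path unavailable"))
            continue
        directory = ntpath.dirname(ntpath.normcase(path)).rstrip("\\")
        if directory not in allowed:
            findings.append((pid, name, path, "runs outside system directory"))
    return findings


# Constructed sample: one genuine winlogon.exe, two impostors, one unreadable.
SAMPLE_PROCESSES = [
    (612, "winlogon.exe", r"C:\Windows\System32\winlogon.exe"),
    (1337, "WINLOGON.EXE", r"C:\Users\alice\AppData\Local\Temp\winlogon.exe"),
    (900, "svchost.exe", r"C:\Windows\svchost.exe"),
    (4, "System", None),      # not on the critical list, ignored
    (777, "lsass.exe", None),  # access denied when reading the path
]

if __name__ == "__main__":
    for pid, name, path, reason in masquerade_findings(SAMPLE_PROCESSES):
        print(f"PID {pid:>5} {name:<14} {path!s:<55} {reason}")
```

On a live Windows host the same tuples can be collected with `Get-Process | Select-Object Id, Name, Path` in PowerShell and fed to `masquerade_findings`; the check is deliberately strict about the directory (not merely "under" System32) because the real critical processes all live directly in it.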
This book contains one of the best discussions of rootkits ever written: user-level rootkits that replace executables like ls or winlogon.exe with trojaned versions, and kernel-level rootkits that modify the heart of the operating system itself.
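The standard check for the user-level rootkits described above is a file-integrity baseline: hash the system binaries while the host is known to be clean, keep the digests off-box, and later compare. The following is an added example, not code from the book or the review; the three "binaries" and the rootkit's swap of ls are constructed in a temporary directory so the check runs offline.

```python
"""Detect user-level rootkit replacement of system binaries by comparing
SHA-256 digests against a known-good baseline.

Added example (not from Skoudis's book). The binaries, the baseline and the
tampering below are all constructed inside a temporary directory.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Stream a file through SHA-256 so large binaries are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_baseline(paths):
    """Record the digest of every existing regular file in paths."""
    return {str(p): sha256_file(p) for p in paths if os.path.isfile(p)}


def verify_baseline(baseline):
    """Compare the live filesystem against a stored baseline.

    Returns {path: "ok" | "modified" | "missing"}.
    """
    report = {}
    for path, expected in baseline.items():
        if not os.path.isfile(path):
            report[path] = "missing"
        elif sha256_file(path) != expected:
            report[path] = "modified"
        else:
            report[path] = "ok"
    return report


def demo():
    """Constructed scenario: three fake binaries, then a rootkit-style swap of
    ls (to hide files) and removal of netstat. Returns statuses by basename."""
    with tempfile.TemporaryDirectory() as tmp:
        bindir = Path(tmp)
        for name in ("ls", "ps", "netstat"):
            (bindir / name).write_bytes(b"#!/bin/sh\necho genuine %s\n" % name.encode())

        # Baseline taken while the box is clean; serialised as you would store it off-box.
        stored = json.dumps(build_baseline(bindir.iterdir()))

        # Attacker installs a trojaned ls that filters its own files, deletes netstat.
        (bindir / "ls").write_bytes(b"#!/bin/sh\n/bin/ls.orig \"$@\" | grep -v rootkit\n")
        (bindir / "netstat").unlink()

        report = verify_baseline(json.loads(stored))
        return {Path(p).name: status for p, status in report.items()}


if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print(f"{name:<10} {status}")
```

The caveat the book's kernel-level rootkit chapters make clear: if the kernel itself is subverted, the read() calls this script makes can be lied to, so the comparison is only trustworthy when run from known-good media against the suspect disk, with the baseline stored somewhere the attacker could not have edited.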
Next, he turns to the state-of-the-art -- and the future. You’ll learn about combination attacks that draw on many of the aforementioned techniques -- as well as new BIOS and CPU attacks aimed at your hardware itself.
As Skoudis puts it, “to be a solid security person, you need to be ready to operate in both a Windows and a UNIX environment, as most organizations have some mix [of them]. If you are prepared for attacks against both types of systems, your defenses will be far better, and you will be more valuable to your employer.” Accordingly, several of the book’s chapters are split in half, with Windows and UNIX/Linux attack variants each covered in detail.
If you’re involved with security, you already know something about passwords, firewalls, and intrusion detection. Now it’s equally urgent for you to know about malware. Get this book, and you will.
Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.