Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy.The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out in Malicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book? Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers:
- The current state of the malicious code writing and cracker community
- How malicious code works, what types there are, and what it can and cannot do
- Common anti-virus defenses, including anti-virus software
- How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it
- Macro viruses affecting MS Word, MS Excel, and VBScript
- Java applets and ActiveX controls
- Enterprise-wide malicious code protection
- The future of malicious mobile code and how to combat such code
|Publisher:||O'Reilly Media, Incorporated|
|Edition description:||1 ED|
|Product dimensions:||7.00(w) x 9.19(h) x 1.04(d)|
About the Author
Roger A. Grimes (CPA, CISSP, CEH, MCSE: Security) is a 19-year Windows security veteran with 6 books and over 150 national magazine articles on the subject. Roger is a 3-time Microsoft MVP in Windows Security (and MVP of the Month in December 2005). He participated in the Microsoft Windows Server 2003 Learning curriculum and was an Early Achiever of theWindows Server 2003 MSCE: Security desination. Roger has written advanced Windows security courses for Microsoft, Foundstone, and SANS.
Most Helpful Customer Reviews
Roger Grimes book is a great desktop reference and field recovery resource book. Using it will save users and administrators who deal with malicious code from wasting critical time and money during resolution of malicious code problems. The author's unmatched writing approach has easy to follow and implement steps for anyone (user or administrator) who needs to diagnose and recover from a malicious mobile code infection. The book also has up to date step by step configuration recommendations for protecting operating systems and applications. And the best part is that the author understands the criticality of recovering data and clearly explains the field proven methods that give you the best chance of successfully recovering your data, applications and operating system files that have been affected by malicious code. When you need to understand malicious mobile code this is THE book to have, I don't call on a client or provide remote incident assistance without it.
I like to think of myself as being fairly knowledgeable about what to look for regarding viruses, Trojans, worms, etc. However, I had no idea before reading this book how widespread all of these different malicious programs were and how they can infect any type of operating system or programming language. While Visual Basic Script may be the 'language of choice' for malicious code writers, viruses can appear with any language or in any form. This book takes an excellent look at various types of malicious programs, and the environments in which they appear. Ranging from DOS to Windows, HTML, Java, ActiveX, even macro viruses, it would seem no system is safe. And that's another way this book is an excellent reference. Not only does it describe in various chapters how a virus, worm or Trojan exists, it also gives examples of them and what to do in case your PC gets infected. Something else I liked about this book was its description of the various 'computer environments' (like DOS, HTML, Java, etc) and how malicious programmers can manipulate them to create potential disasters for your PC. No one is truly safe against malicious programmers and this book offers great advice on defending yourself against them.