Premium Members Get 10% Off and Earn Rewards Find Out More
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System
While forensic analysis has proven to be a valuable investigative tool in the field of computer security, utilizing anti-forensic technology makes it possible to maintain a covert operational foothold for extended periods, even in a high-security environment. Adopting an approach that favors full disclosure, the updated Second Edition of The Rootkit Arsenal presents the most accessible, timely, and complete coverage of forensic countermeasures. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.The range of topics presented includes how to:-Evade post-mortem analysis-Frustrate attempts to reverse engineer your command&control modules-Defeat live incident response-Undermine the process of memory analysis-Modify subsystem internals to feed misinformation to the outside-Entrench your code in fortified regions of execution-Design and implement covert channels-Unearth new avenues of attack
1138128667
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System
While forensic analysis has proven to be a valuable investigative tool in the field of computer security, utilizing anti-forensic technology makes it possible to maintain a covert operational foothold for extended periods, even in a high-security environment. Adopting an approach that favors full disclosure, the updated Second Edition of The Rootkit Arsenal presents the most accessible, timely, and complete coverage of forensic countermeasures. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.The range of topics presented includes how to:-Evade post-mortem analysis-Frustrate attempts to reverse engineer your command&control modules-Defeat live incident response-Undermine the process of memory analysis-Modify subsystem internals to feed misinformation to the outside-Entrench your code in fortified regions of execution-Design and implement covert channels-Unearth new avenues of attack
103.49 In Stock
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System

by Bill Blunden
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System
Add to Wishlist
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System

by Bill Blunden

Overview

While forensic analysis has proven to be a valuable investigative tool in the field of computer security, utilizing anti-forensic technology makes it possible to maintain a covert operational foothold for extended periods, even in a high-security environment. Adopting an approach that favors full disclosure, the updated Second Edition of The Rootkit Arsenal presents the most accessible, timely, and complete coverage of forensic countermeasures. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.The range of topics presented includes how to:-Evade post-mortem analysis-Frustrate attempts to reverse engineer your command&control modules-Defeat live incident response-Undermine the process of memory analysis-Modify subsystem internals to feed misinformation to the outside-Entrench your code in fortified regions of execution-Design and implement covert channels-Unearth new avenues of attack

Product Details

ISBN-13: 9781449696290
Publisher: Jones & Bartlett Learning
Publication date: 03/16/2012
Sold by: Barnes & Noble
Format: eBook
Pages: 784
File size: 51 MB
Note: This product may take a few minutes to download.

About the Author

Bill Blunden (MCSE, MCITP: Enterprise Administrator) began his journey into enterprise computing over ten years ago at an insurance company in Cleveland, Ohio. Gradually forging a westward path to Northern California, he’s worked with ERP middleware, developed code for network security appliances, and taken various detours through academia. Bill is the principal investigator at Below Gotham Lab s.

Table of Contents

Part I Foundation
Chapter 1 Empty Cup Mind
Chapter 2 Anti-Forensics Overview
Chapter 3 Hardware Briefing
Chapter 4 System Software Briefing
Chapter 5 Tools of the Trade
Chapter 6 Life in Kernel Space
Part II Post-Mortem
Chapter 7 Defeating Disk Analysis
Chapter 8 Foiling Executable Analysis
Part III Live Response
Chapter 9 Defeating Live Response
Chapter 10 Shellcode
Chapter 11 Modifying Call Tables
Chapter 12 Modifying Code
Chapter 13 Modifying Objects Kernel
Chapter 14 Covert Channels
Chapter 15 Going Out-of-Band
Part IV Summation
Chapter 16 The Tao of Rootkits
From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Networking & Telecommunications
Security - Computer Networks
Computers
Networking & Telecommunications
Security - Computer Networks

Customer Reviews