Malicious code is a set of instructions that runs on your computer and makes your system do something that you do not want it to do. For example, it can delete sensitive configuration files from your hard drive, rendering your computer completely inoperable; infect your computer and use it as a jumping-off point to spread to all of your buddies' computers; and steal files from your machine. Malicious code in the hands of a crafty attacker is indeed powerful. It's becoming even more of a problem because many of the very same factors fueling the evolution of the computer industry are making our systems even more vulnerable to malicious code. Specifically, malicious code writers benefit from the trends toward mixing static data and executable instructions, increasingly homogeneous computing environments, unprecedented connectivity, an ever-larger clueless user base, and an unfriendly world. Skoudis addressed malicious code in just one chapter of his previous book. Here, a dozen chapters focus on one of the most interesting and rapidly developing areas of computer attacks.
Chapter 11, "Defender's Toolbox," rolls together the defensive strategies described in the book. As a bonus, Skoudis gives recipes for creating your own malicious code analysis laboratory using cheap hardware and software.
Features + Benefits
Computer security expert and highly acclaimed author Ed Skoudis focuses on one of the biggest areas of computer attacks: malicious code.
• Real-world tools needed to prevent, detect, and handle malicious code attacks.
• Computer infection from viruses, worms, Trojan horses, etc., collectively known as malware, is a growing and costly problem for businesses.
• Discover how attackers install malware and how you can see through their schemes to keep systems safe.
• Bonus malware code analysis laboratory.
Backcover
Reveals how attackers install malicious code and how they evade detection
Shows how you can defeat their schemes and keep your computers and network safe!
Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats
Explains how to handle today's threats, with an eye on handling the threats to come
This is a truly outstanding book: enormous technical wealth and beautifully written.
-Warwick Ford
Ed does it again, piercing the veil of mystery surrounding many of the more technical aspects of computer security!
-Harlan Carvey, CISSP
This book is entertaining and informative, while justifiably scaring you. Luckily it also tells you how to protect yourself, but makes you realize it's going to be a permanent spy-vs-spy struggle.
-Radia Perlman, Distinguished Engineer, Sun Microsystems
Keep control of your systems out of the hands of unknown attackers
Ignoring the threat of malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data, all without your knowledge! Written for computer pros and savvy home users by computer security expert Edward Skoudis, Malware: Fighting Malicious Code covers everything you need to know about malware, and how to defeat it!
This book devotes a full chapter to each type of malware: viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn. This book includes:
Solutions and examples that cover both UNIX® and Windows®
Practical, time-tested, real-world actions you can take to secure your systems
Instructions for building your own inexpensive malware code analysis lab so you can get familiar with attack and defensive tools harmlessly!
Malware: Fighting Malicious Code is intended for system administrators, network personnel, security personnel, savvy home computer users, and anyone else interested in keeping their systems safe from attackers.
Foreword.
Acknowledgments.
1. Introduction.
Defining the Problem. Why Is Malicious Code So Prevalent? Types of Malicious Code. Malicious Code History. Why This Book? What To Expect. References.
2. Viruses.
The Early History of Computer Viruses. Infection Mechanisms and Targets. Virus Propagation Mechanisms. Defending against Viruses. Malware Self-Preservation Techniques. Conclusions. Summary. References.
3. Worms.
Why Worms? A Brief History of Worms. Worm Components. Impediments to Worm Spread. The Coming Super Worms. Bigger Isn't Always Better: The Un-Super Worm. Worm Defenses. Conclusions. Summary. References.
4. Malicious Mobile Code.
Browser Scripts. ActiveX Controls. Java Applets. Mobile Code in E-Mail Clients. Distributed Applications and Mobile Code. Additional Defenses against Malicious Mobile Code. Conclusions. Summary. References.
5. Backdoors.
Different Kinds of Backdoor Access. Installing Backdoors. Starting Backdoors Automatically. All-Purpose Network Connection Gadget: Netcat. Network Computing. Backdoors without Ports. Conclusions. Summary. References.
6. Trojan Horses.
What's in a Name? Wrap Stars. Trojaning Software Distribution Sites. Poisoning the Source. Co-opting a Browser: Setiri. Hiding Data in Executables: Stego and Polymorphism. Conclusions. Summary. References.
7. User-Mode RootKits.
UNIX User-Mode RootKits. Windows User-Mode RootKits. Conclusions. Summary. References.
8. Kernel-Mode RootKits.
What Is the Kernel? Kernel Manipulation Impact. The Linux Kernel. The Windows Kernel. Conclusions. Summary. References.
9. Going Deeper.
Setting the Stage: Different Layers of Malware. Going Deeper: The Possibility of BIOS and Malware Microcode. Combo Malware. Conclusions. Summary. References.
10. Scenarios.
Scenario 1: A Fly in the Ointment. Scenario 2: Invasion of the Kernel Snatchers. Scenario 3: Silence of the Worms. Conclusions. Summary.
11. Malware Analysis.
Building a Malware Analysis Laboratory. Malware Analysis Process. Conclusion. Summary. References.
12. Conclusion.
Useful Web Sites for Keeping Up. Parting Thoughts.
Index.
Foreword by Gene Schultz, security inspector for Global Integrity.