Malware: Fighting Malicious Code
by Ed Skoudis, Lenny Zeltser
List Price:
Our Price: $36.89
You Save: $28.10 (43%)
Availability: Usually ships in 1-2 business days
Buy Used: from $14.87 (click here)
Category: Book
See more book details and other editions
Book Summary Information
Author: Ed Skoudis, Lenny ZeltserEdition: Paperback
Audio: English (Unknown); English (Original Language); English (Published)
Published: 2003-11-17
ISBN: 0131014056
Number of pages: 672
Publisher: Prentice Hall
Book Reviews of Malware: Fighting Malicious Code
Book Review: Parts of this book should be a must read for EVERYONE!
Summary: 5 Stars
Working with a computer that doesn't want to behave on its own is frustrating enough. Between buggy code and the blue screen of death, many of us have wanted to throw our computers against the wall. Unfortunately, not only do we need to deal with these wonderful, little problems, but we also need to deal with programs that are intentionally trying to inflict problems on or through our computers.These programs, collectively called "malware", include many different categories; however, we know them best as the "virus", "Trojan horse", "rootkits", "backdoors", and a lot of others. These malware tools (based on "mal", the Latin word for "bad" or "evil") are the bane not only of system administrators but also of the average home user who just doesn't know any better.
"Malware: Fighting Malicious Code" by Ed Skoudis is meant to educate the reader not only of the dangers of malware but also of ways to combat malware.
"To defeat your enemy, you first must know him." - Sun Tzu
This phrase is the core philosophy of this book. This 647-page fighter's manual is the computer-age version of Tzu's "The Art of War", except in this case the war is between you and the low-life morons who create the programs that facilitated the need for Skoudis to write this book.
I found this book to be far more fascinating than I thought it would be. After all, how exciting can a book about virii and Trojan horses really be? "Malware" is written with a surprising amount of detailed, historical facts, real-world examples, and light-hearted humor that help to keep your attention. The author also takes extra steps to differentiate between the various types of malware. After all, how many people do you know who continually (and incorrectly) use "virus", "Trojan horse", and "worm" interchangeably? How many of you are guilty of it yourselves?
"Malware" covers a lot more than you would probably expect such a book to cover. Not only does it cover the more commonly-know malware, such as virii, Trojn horses, and worms, but it also covers topics like ActiveX Controls, Java applets, JavaScript, backdoors, and many others. It also contains a great deal of information on root kits, both user and kernel modes.
Sections of the book even go deeper into the possibilities of malware attacks against the system BIOS and microcode.
Those who expect this book to deal primarily with Windows will likely be surprised in the amount of detail that is given to UNIX (primarily Solaris) and Linux as well as Windows. In fact, each of these have their own chapters with respect to rootkits and kernel attacks. These chapters can be very dry, but there is a great deal of information in these chapters that any serious system administrator who is interested in security (as we all should be) should read.
The author goes into respectable detail regarding how the various types of malware attack and propagate, not only from a basic functional point of view but also from a detailed step-by-step method to explain exactly what each type of malware does at any given step.
An entire chapter is dedicated to analyzing malware. He gives solid theories on how to best set up an environment that will help you to detect, analyze, and build up a defense again malware before you introduce it into your organization. As many system administrators have found out at one time or another, sometimes spending time to find a prevention is much better than wasting time to fix a problem that is allowed to propagate. More often than not, playing "clean up" takes far, far more time than the time it takes to prevent an outbreak in the first place.
With the exception of the excessive dryness of and technical knowledge needed for the various rootkit chapters, I actually ate this book up. The majority of the book is not a difficult read, and I found it fascinating to read how these programs have evolved. In fact, malware has been around a lot longer than most people suspect.
The only problem that I had with the book is that the author was very clearly trying to not anger anyone, which I think forced him to not be straightforward on some issues. In particular, he has a whole chapter about ActiveX malware, yet he very blatantly neglects to mention the easiest and most obvious method of avoiding ActiveX problems - STOP USING INTERNET EXPLORER AND OUTLOOK! These are the only two major tools that use ActiveX since ActiveX is a Microsoft-proprietary component. So, to defend yourself against Internet Explorer and Outlook malware, such as plug-ins that take control of IE, STOP USING THEM! Mozilla, Netscape, and Eudora are free and work beautifully! There is no shame, anger, or bias in telling the truth that the best way to avoid ActiveX problems is to use tools that do not use ActiveX. I'm sure that he knows very well that this is the truth, considering the huge amount of detail that the book entails; but I am very certain that he neglected to say it because he (or the publisher) was skittish about upsetting the All-Powerful, All-Mighty Bill, which is completely unfair to the reader. Yes, I'll admit that I'm being anally retentive on that, but there is nothing wrong with saying, "Hey, folks! There are more secure alternatives out there that (gasp!) have nothing to do with Microsoft!"
Regardless, this book is a must-read for any security administrator who thinks he's knowledgeable about these matters. If you're a security administrator who thinks that you know just about all there is to malware or that a firewall and a virus scanner are all that you need, I can just about guarantee that this book will have your intelligence ego eating humble pie. The fact is that the enemy is far more complicated and intelligent than most network administrators will admit, and this book definitely helps you to know your enemy.
And just consider that the enemy will only get more intelligent and devious in the future.
Summary of Malware: Fighting Malicious Code
Malicious code is a set of instructions that runs on your computer and makes your system do something that you do not want it to do. For example, it can delete sensitive configuration files from your hard drive, rendering your computer completely inoperable; infect your computer and use it as a jumpingoff point to spread to all of your buddies' computers; and steal files from your machine. Malicious code in the hands of a crafty attacker is indeed powerful. It's becoming even more of a problem because many of the very same factors fueling the evolution of the computer industry are making our systems even more vulnerable to malicious code. Specifically, malicious code writers benefit from the trends toward mixing static data and executable instructions, increasingly homogenous computing environments, unprecedented connectivity, an ever-larger clueless user base, and an unfriendly world. Skoudis addressed malicious code in just one chapter of his previous book. Here, a dozen chapters focus on one of the most interesting and rapidly developing areas of computer attacks. *Chapter 11, "Defender's Toolbox," rolls together the defensive strategies described in the book. As a bonus, Skoudis gives recipes for creating your own malicious code analysis laboratory using cheap hardware and software. *Foreword by Gene Schultz, security inspector for Global Integrity.Hackers Books
- Arts & Photography
- Biographies & Memoirs
- Business & Investing
- Children's Books
- Comics & Graphic Novels
- Computers & Internet
- Cooking, Food & Wine
- Entertainment
- Gay & Lesbian
- Health, Mind & Body
- History
- Home & Garden
- Horror
- Law
- Literature & Fiction
- Mystery & Thrillers
- Nonfiction
- Outdoors & Nature
- Parenting & Families
- Professional & Technical
- Reference
- Religion & Spirituality
- Romance
- Science
- Science Fiction & Fantasy
- Sports
- Teens
- Travel
Advances in Digital Forensics IV (IFIP International Federation for Information Processing) (IFIP Advances in Information and Communication Technology) (No. IV)Springer; Published: 2008-08-28; Hardcover; Book
Best price: $8.50
Price in other shops:
Insider Attack and Cyber Security: Beyond the Hacker (Advances in Information Security)Springer; Published: 2008-04-07; Hardcover; Book
Best price: $69.01
Price in other shops:
Wi-Foo II: The Secrets of Wireless Hacking (2nd Edition)by Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky
Addison-Wesley Professional; Published: 2007-10; Paperback; Book
Price in other shops:
Encyclopedia of Hacking: Headline Makers, Hack Attacks and Hacking Solutionsby Bernadette H. Schell
Greenwood Press; Published: 2005-12; Hardcover; Book
DarkMarket: Cyberthieves, Cybercops and Youby Misha Glenny
Knopf; Published: 2011-10-04; Hardcover; Book
Best price: $9.97
Price in other shops:
The New Hacker's Dictionary - 3rd EditionThe MIT Press; Published: 1996-10-11; Paperback; Book
Best price: $9.98
Price in other shops:
Hacker's Delightby Henry S. Warren
Addison-Wesley Professional; Published: 2002-07-27; Hardcover; Book
Best price: $32.98
Price in other shops:
The Social Net: Understanding Human Behavior in CyberspaceOxford University Press, USA; Published: 2005-06-16; Paperback; Book
Best price: $50.60
Price in other shops:
Hacking For Dummiesby Kevin Beaver
For Dummies; Published: 2010-01-12; Paperback; Book
Best price: $16.21
Price in other shops:
Hacking For Dummies (For Dummies (Computers))by Kevin Beaver
For Dummies; Published: 2006-10-30; Paperback; Book
Best price: $4.97
Price in other shops:
Cryptography Decryptedby H. X. Mel, Doris M. Baker
Addison-Wesley Professional; Published: 2000-12-31; Paperback; Book
Best price: $30.00
Price in other shops:
Hacking Exposed: Network Security Secrets and Solutions, Sixth Editionby Stuart McClure, Joel Scambray, George Kurtz
McGraw-Hill Osborne Media; Published: 2009-01-05; Paperback; Book
Best price: $24.00
Price in other shops:
Digital Evidence and Computer Crime, Third Edition: Forensic Science, Computers, and the Internetby Eoghan Casey BS MA
Academic Press; Published: 2011-05-04; Hardcover; Book
Best price: $29.01
Price in other shops:
The Art of Computer Virus Research and Defenseby Peter Szor
Addison-Wesley Professional; Published: 2005-02-13; Paperback; Book
Best price: $21.00
Price in other shops:
Hacking: The Next Generation (Animal Guide)by Nitesh Dhanjani, Billy Rios, Brett Hardin
O'Reilly Media; Published: 2009-09-28; Paperback; Book
Best price: $20.55
Price in other shops:
Malware Forensics: Investigating and Analyzing Malicious Codeby Cameron H. Malin, Eoghan Casey, James M. Aquilina
Syngress; Published: 2008-06-30; Paperback; Book
Best price: $29.51
Price in other shops:
Reversing: Secrets of Reverse Engineeringby Eldad Eilam
Wiley; Published: 2005-04-15; Paperback; Book
Best price: $21.40
Price in other shops:
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)by Edward Skoudis, Tom Liston
Prentice Hall; Published: 2006-01-02; Paperback; Book
Best price: $30.00
Price in other shops:
Metasploit: The Penetration Tester's Guideby David Kennedy, Jim O'Gorman, Devon Kearns, Mati Aharoni
No Starch Press; Published: 2011-07-22; Paperback; Book
Best price: $27.24
Price in other shops:
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Codeby Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard
Wiley; Published: 2010-11-02; Paperback; Book
Best price: $32.17
Price in other shops: