Malware: Fighting Malicious Code (Paperback)
Ed Skoudis, Lenny Zeltser
- Publisher: Prentice Hall
- Publication date: 2003-11-07
- Price: $2,050
- VIP price: 5% off, $1,948
- Language: English
- Pages: 672
- Binding: Paperback
- ISBN: 0131014056
- ISBN-13: 9780131014053
- Related categories: Cisco, Information Security
Product Description
Summary
- Reveals how attackers install malicious code and how they evade detection
- Shows how you can defeat their schemes and keep your computers and network safe!
- Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats
- Explains how to handle today's threats, with an eye on handling the threats to come
"This is a truly outstanding book - enormous technical wealth and beautifully written."
—Warwick Ford
"Ed does it again, piercing the veil of mystery surrounding many of the more technical aspects of computer security!"
—Harlan Carvey, CISSP
"This book is entertaining and informative, while justifiably scaring you. Luckily it also tells you how to protect yourself, but makes you realize it's going to be a permanent spy-vs-spy struggle."
—Radia Perlman, Distinguished Engineer, Sun Microsystems
Keep control of your systems out of the hands of unknown attackers
Ignoring the threat of malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data, all without your knowledge! Written for computer pros and savvy home users by computer security expert Edward Skoudis, Malware: Fighting Malicious Code covers everything you need to know about malware, and how to defeat it!
This book devotes a full chapter to each type of malware: viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn. This book includes:
- Solutions and examples that cover both UNIX® and Windows®
- Practical, time-tested, real-world actions you can take to secure your systems
- Instructions for building your own inexpensive malware code analysis lab so you can get familiar with attack and defensive tools harmlessly!
Malware: Fighting Malicious Code is intended for system administrators, network personnel, security personnel, savvy home computer users, and anyone else interested in keeping their systems safe from attackers.
Table of Contents
Foreword.
Acknowledgments.
1. Introduction.
Defining the Problem. Why Is Malicious Code So Prevalent? Types of Malicious Code. Malicious Code History. Why This Book? What To Expect. References.
2. Viruses.
The Early History of Computer Viruses. Infection Mechanisms and Targets. Virus Propagation Mechanisms. Defending against Viruses. Malware Self-Preservation Techniques. Conclusions. Summary. References.
3. Worms.
Why Worms? A Brief History of Worms. Worm Components. Impediments to Worm Spread. The Coming Super Worms. Bigger Isn't Always Better: The Un-Super Worm. Worm Defenses. Conclusions. Summary. References.
4. Malicious Mobile Code.
Browser Scripts. ActiveX Controls. Java Applets. Mobile Code in E-Mail Clients. Distributed Applications and Mobile Code. Additional Defenses against Malicious Mobile Code. Conclusions. Summary. References.
5. Backdoors.
Different Kinds of Backdoor Access. Installing Backdoors. Starting Backdoors Automatically. All-Purpose Network Connection Gadget: Netcat. Network Computing. Backdoors without Ports. Conclusions. Summary. References.
6. Trojan Horses.
What's in a Name? Wrap Stars. Trojaning Software Distribution Sites. Poisoning the Source. Co-opting a Browser: Setiri. Hiding Data in Executables: Stego and Polymorphism. Conclusions. Summary. References.
7. User-Mode RootKits.
UNIX User-mode RootKits. Windows User-Mode RootKits. Conclusions. Summary. References.
8. Kernel-Mode RootKits.
What Is the Kernel? Kernel Manipulation Impact. The Linux Kernel. The Windows Kernel. Conclusions. Summary. References.
9. Going Deeper.
Setting the Stage: Different Layers of Malware. Going Deeper: The Possibility of BIOS and Malware Microcode. Combo Malware. Conclusions. Summary. References.
10. Scenarios.
Scenario 1: A Fly in the Ointment. Scenario 2: Invasion of the Kernel Snatchers. Scenario 3: Silence of the Worms. Conclusions. Summary.
11. Malware Analysis.
Building a Malware Analysis Laboratory. Malware Analysis Process. Conclusion. Summary. References.
12. Conclusion.
Useful Web Sites for Keeping Up. Parting Thoughts.
Index.