Customer Rating: 
Summary: Great resource
Comment: Nutshell review - This is a really good book, well written, easy to digest and follow. Good coverage and enough depth to provide a decent grounding from which further research into specific areas of interest can be launched.
Customer Rating:
Summary: still seems up-to-date although 3 years old.
Comment: Great book explaining all the different types of malware out there. Skoudis helps to understand the technical details of each malware type without going into too much detail. The links provided, altough a few years old, are all still relevant.
Customer Rating:
Summary: Good book and worth a read
Comment: This is a good book. Ed has become a master in this filed and he put tons of good stuff in the book.
Customer Rating:
Summary: Many "big names" in infosec give this a 5 and they're right!
Comment: I am fortunate to have an autographed copy from when Mr. Skoudis taught a SANS class I attended; and have had to take a lot of time getting it read in the meantime. This is the book that I would recommend to anyone that would learn the workings of worm, virus, trojan horse and other malware - not how to write them, but how to understand and deal with them. The information on setting up a lab to examine these critters is a good start for those wanting to understand attacks - but like other reviewers have said, this book is not for one without a grounding in computer security.
Customer Rating:
Summary: Best available
Comment: This book provides the best review of malicious software that is presently available. If you need a comprehensive reference then this is the book for you. The author is a well-known and respected security analyst and this book provides solid information at a level suitable for the system administrator. Unlike so many books of this type, it is not a camouflaged endorsement of some vendor's products or a simplistic and alarmist text.
Topics covered include:
- viruses, with a brief history and description of the various types and their mechanisms;
- worms, again with a brief history and description of the various types and their mechanisms;
- mobile code, including browser scripts, ActiveX controls, Java applets and mobile code as it occurs in email clients and distributed applications. Given the increasing amount of mobile code, this is particularly valuable;
- backdoors, particularly Netcat and VNC but covering some others as well;
- trojans inlcuding wrappers, source poisoning and browser co-option;
- rootkits for Unix andWindows;
- kernel-mode rotkits for linux and Windows;
- possible modes, including BIOS and microcode attacks.
"Encyclopediac" is the only description I can give, but be warned that it's not for the general reader, or for newbies.
|
|
