Customer Rating: 
Summary: Right book, right time
Comment: Malware Forensics by Aquilina, Casey and Malin, is one of those fortunate instances of a technical work being on the right topic at the right time. As increasing legions of personal computers are becoming possessed by an overwhelming variety of unsolicited "warez" which steal information, consume bandwidth, and poison OSs, it is refreshing to find a work such as this, which comprehensively treats the collection, identification and forensic analysis of a broad range of malicious code from the perspectives of both the security specialist and the law-enforcement professional. Particularly useful features of the book are the "Case Scenarios" which allow the reader to identify familiar patterns in the delivery system and behavior of malware examples, the "Analysis Tips" which are enormously helpful in avoiding wasted effort, and the guidance offered in Chapter 1 for the development of a customized toolkit. I was intrigued by the thorough treatment of Memory Forensics (Chapter 3) which, alone, offers ample justification for purchasing this work. I was also impressed by Chapters 2,5,8 and 10 which illustrate how useful Linux can be in isolating and analyzing malware. This book merits being read by every active IT security professional and of being kept as an important reference and instructional work. Kudos to Curtis Rose for bringing it together. Hopefully we'll hear more from these authors separately and/or together.
James C. Smith, Ph.D.
Customer Rating:
Summary: Comprehensive resource for live response and analysis.
Comment: I couldn't agree more with the previous reviews...
With accuracy, detail, and clarity the authors were able to provide a resource that not only answers the needs of highly seasoned system administrators, but also caters to those who may work on the periphery of systems affected by malware. Any investigation into malcode forensics will be enhanced by referring to this book. The exploration of different forsensic tools available out there really expanded my toolbox. I found chapter six - "Legal Considerations" to be an excellent addition to this book. If you want to dive "full bore" into malware extraction, analysis, and identification, keep this book nearby and you'll find it streamlines the process for you. Thanks for the great book!
Customer Rating:
Summary: A must have for investigators and attorneys advising corporate clients
Comment: This book is a must have for attorneys and investigators dealing with corporations victimized by internet criminals looking to steal the keys to the digital vault. It is the most complete treatment of the legal and investigative issues facing forensic investigators and corporate victims in determining the origins of the attack as well as its intent. Also, unlike most works in this area it provides analysis of the regulatory schemes both domestic and international which impact the nature and extent of these investigations. A must have resource.
Customer Rating:
Summary: soup to nuts
Comment: I had been searching for a reference guide to help my company deal with some network anomalies and was recommended this book from a colleague.
Pros: Let me begin first by saying this is a very down-in-the-dirt detailed book and has certainly earned its spot on my desk. The book shows you not only how to pick your malware apart (I'm all about details and am the type of person that will want to know exactly what a piece of code did), but also how you could use the information you find to prosecute those pesky haxors. Like "uke92," I also liked the "alternative tools text boxes," as it allows me to play/shop around with all the tools available out there.
Cons:I would have liked to see this book broken up into two as I deal primarily with Windows systems. That way, I might have saved a few bucks. Other than that, can't wait to see what these guys put out next.
Customer Rating:
Summary: Remarkable
Comment: With over 10 years in IT, I constantly look for quality reference materials to stay current. This is, without question, the most complete and readable malware book I have found. The examples and illustrations are direct and on point, allowing even those with less technical experience to understand the investigative process, while remaining highly relevant to seasoned IT professionals. Unlike most other work, this work provides the insight of the legal process that can only be gained from first hand experience. The author clearly has set the standard for computer forensics guides.
|
|
