
Malware, Rootkits & Botnets: A Beginner's Guide

Security Smarts for the Self-Guided IT Professional

Learn how to improve the security posture of your organization and defend against some of the most pervasive network attacks. Malware, Rootkits & Botnets: A Beginner's Guide explains the nature, sophistication, and danger of these risks an...


Bibliographic Details
Classification: Electronic book
Main Author: Elisan, Christopher C.
Other Authors: Hypponen, Mikko
Format: Electronic eBook
Language: English
Published: New York : McGraw-Hill, ©2013.
Subjects:
Online Access: Full text (requires prior registration with an institutional e-mail address)
Table of Contents:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editors
  • Contents at a Glance
  • Contents
  • Acknowledgments
  • Foreword
  • Introduction
  • Why This Book?
  • Who Should Read This Book
  • What This Book Covers
  • How to Use This Book
  • How This Book Is Organized
  • Part I
  • Part II
  • Part IV
  • About the Series
  • Lingo
  • IMHO
  • Budget Note
  • In Actual Practice
  • Your Plan
  • Into Action
  • Part I: Establishing the Foundation
  • Chapter 1: Getting In Gear
  • A Malware Encounter
  • A Brief Overview of the Threat Landscape
  • Threat to National Security
  • Starting the Journey
  • We've Covered
  • References
  • Chapter 2: A Brief History of Malware
  • Computer Viruses
  • Classification of Computer Viruses
  • Early Challenges
  • Malware
  • Classification of Malware
  • Evolution of Malware
  • Riskware
  • Classification of Riskware
  • Malware Creation Kits
  • The Impact of Malware
  • We've Covered
  • Chapter 3: Cloak of the Rootkit
  • What Is a Rootkit?
  • Environment Mechanics
  • The Operating System Kernel
  • User Mode and Kernel Mode
  • Rings
  • Switching from User Mode to Kernel Mode
  • Types of Rootkits
  • User-Mode Rootkits
  • Kernel-Mode Rootkits
  • Rootkit Techniques
  • Hooking
  • DLL Injection
  • Direct Kernel Object Manipulation
  • Tackling Rootkits
  • We've Covered
  • Chapter 4: Rise of the Botnets
  • What Is a Botnet?
  • Main Characteristics
  • Key Components
  • C&C Structure
  • Botnet Usage
  • Distributed Denial of Service Attack
  • Click Fraud
  • Spam Relay
  • Pay-Per-Install Agent
  • Large-Scale Information Harvesting
  • Information Processing
  • Botnet Protective Mechanisms
  • Bulletproof Hosting
  • Dynamic DNS
  • Fast Fluxing
  • Domain Fluxing
  • The Fight Against Botnets
  • The Technical Front
  • The Legal Front
  • We've Covered
  • References
  • Part II: Welcome to the Jungle
  • Chapter 5: The Threat Ecosystem
  • The Threat Ecosystem
  • The Technical Element
  • The Human Element
  • The Evolution of the Threat Ecosystem
  • Advanced Persistent Threat
  • The Attack Method
  • The Attack Profitability
  • Malware Economy
  • Malware Outsourcing
  • We've Covered
  • Chapter 6: The Malware Factory
  • The Need to Evade Antivirus
  • Malware Incident Handling Process
  • Malware Detection
  • Circumventing the Antivirus Product
  • The Need for an Army of Malware
  • Next-Generation Malware Kits
  • Stand-Alone Armoring Tools
  • The Impact of an Armored Army of Malware
  • The Malware Factory
  • The Malware Assembly Line
  • The Proliferation of Attacker Tools
  • Malware Population Explosion
  • We've Covered
  • Chapter 7: Infection Vectors
  • Infection Vectors
  • Physical Media
  • E-mail
  • Instant Messaging and Chat
  • Social Networking
  • URL Links
  • File Shares
  • Software Vulnerabilities
  • The Potential of Becoming an Infection Vector
  • We've Covered
  • Chapter 8: The Compromised System
  • The Malware Infection Process
  • Installation of Malware Files
  • Setting Up Malware Persistency
  • Removing Evidence of the Malware Installer
  • Passing Control to the Malware
  • The Active Malware
  • Maintaining the Foothold
  • Communicating with the Attacker
  • Executing the Payload
  • We've Covered
  • Part III: The Enterprise Strikes Back
  • Chapter 9: Protecting the Organization
  • The Threat Incident Responders
  • Understanding the Value of the System
  • Value to the Organization
  • Value to the Attacker
  • Understanding the Characteristics of the System
  • System Type
  • Operational Impact
  • Sensitivity of Hosted Data
  • Users of the System
  • Network Location
  • Accessibility to the Asset
  • Asset Access Rights
  • Recovery
  • System Status
  • Prioritizing the Systems
  • The Organization's Security Posture
  • Understanding the Cost of Compromise
  • Direct Cost
  • Indirect Cost
  • Protecting the Systems
  • Threat Modeling
  • Identifying the Appropriate Solutions
  • Proactive Threat Detection
  • Creating an Incident Response Plan
  • Identify Different Compromise Scenarios
  • Identify Solution Patterns
  • Define Roles and Responsibilities
  • Establish Protocols
  • Conduct Periodic Dry-Runs
  • Review and Improve
  • Putting Everything into Action
  • Beyond Protection
  • We've Covered
  • Chapter 10: Detecting the Threat
  • Establishing a Baseline
  • Establishing a Network Baseline
  • Establishing a Host Baseline
  • Detecting Anomalies
  • Detecting Network Anomalies
  • Detecting Host Anomalies
  • Isolating the Source of the Anomaly
  • Diving into the Compromised Asset
  • Pinpointing the Malware
  • Classifying the Malware Based on Its Attack Directive
  • We've Covered
  • Chapter 11: Mitigating the Threat
  • Threat Mitigation
  • Immediate Response
  • Containment
  • Verification
  • Threat Detection and Classification
  • Remediation and Restoration
  • Proactive Response
  • Preventive Measures
  • Conducting a Periodic Security Audit
  • The Threat from Insiders
  • Who Are the Insider Threats?
  • Mitigating the Insider Threat
  • Be Vigilant
  • We've Covered
  • Part IV: Final Thoughts
  • Chapter 12: The Never-Ending Race
  • A Short Review of the Book
  • Predictions
  • The Future of Malware
  • The Future of Rootkits
  • The Future of Botnets
  • The Good Guys Are Busy Too
  • The Adventure Has Just Begun
  • We've Covered
  • Appendix A: The Bootup Process
  • The Windows Bootup Process
  • BIOS-Based System
  • EFI-Based System
  • Appendix B: Useful Links
  • Vulnerability Information
  • Free Online Security Products
  • Free File Scanner and Analysis Tools
  • Web Security
  • Malware Trackers
  • Other Important Links
  • Glossary
  • Index