Hacking exposed : malware and rootkits : security secrets & solutions /
Arm yourself for the escalating war against malware and rootkits. Thwart debilitating cyber-attacks and dramatically improve your organization's security posture using the proven defense strategies in this thoroughly updated guide. Hacking Exposed Malware and Rootkits: Security Secrets &am...
Classification: | Electronic book |
---|---|
Main authors: | , , , |
Format: | Electronic eBook |
Language: | English |
Published: | New York : McGraw-Hill Education, [2017] |
Edition: | Second edition. |
Series: | Hacking Exposed Ser. |
Subjects: | |
Online access: | Full text (requires prior registration with an institutional e-mail address) |
Table of Contents:
- Cover
- Title Page
- Copyright Page
- Dedication
- Contents
- Foreword
- Acknowledgments
- Introduction
- Part I Malware
- CASE STUDY: Please Review This Before Our Quarterly Meeting
- 1 Malware Propagation
- Malware Is Still King
- The Spread of Malware
- Why They Want Your Workstation
- Intent Is Hard to Detect
- It's a Business
- Significant Malware Propagation Techniques
- Social Engineering
- File Execution
- Modern Malware Propagation Techniques
- StormWorm
- Metamorphism
- Obfuscation
- Dynamic Domain Name Services
- Fast Flux
- Malware Propagation Injection Vectors
- Malicious Websites
- Phishing
- Peer-to-Peer (P2P)
- Worms
- Summary
- 2 Malware Functionality
- What Malware Does Once It's Installed
- Pop-ups
- Search Engine Redirection
- Data Theft
- Click Fraud
- Identity Theft
- Keylogging
- Malware Behaviors
- Identifying Installed Malware
- Typical Install Locations
- Installing on Local Drives
- Modifying Timestamps
- Affecting Processes
- Disabling Services
- Modifying the Windows Registry
- Summary
- Part II Rootkits
- CASE STUDY: The Invisible Rootkit That Steals Your Bank Account Data
- Disk Access
- Firewall Bypassing
- Backdoor Communication
- Intent
- Presence and Significance
- 3 User-Mode Rootkits
- Rootkits
- Timeline
- Major Features of Rootkits
- Types of Rootkits
- User-Mode Rootkits
- What Are User-Mode Rootkits?
- Background Technologies
- Injection Techniques
- Hooking Techniques
- User-Mode Rootkit Examples
- Summary
- 4 Kernel-Mode Rootkits
- Ground Level: x86 Architecture Basics
- Instruction Set Architectures and the Operating System
- Protection Rings
- Bridging the Rings
- Kernel Mode: The Digital Wild West
- The Target: Windows Kernel Components
- The Win32 Subsystem
- What Are These APIs Anyway?
- The Concierge: NTDLL.DLL
- Functionality by Committee: The Windows Executive (NTOSKRNL.EXE)
- The Windows Kernel (NTOSKRNL.EXE)
- Device Drivers
- The Windows Hardware Abstraction Layer (HAL)
- Kernel Driver Concepts
- Kernel-Mode Driver Architecture
- Gross Anatomy: A Skeleton Driver
- WDF, KMDF, and UMDF
- Kernel-Mode Rootkits
- What Are Kernel-Mode Rootkits?
- Challenges Faced by Kernel-Mode Rootkits
- Methods and Techniques
- Kernel-Mode Rootkit Samples
- Klog by Clandestiny
- AFX by Aphex
- FU and FUTo by Jamie Butler, Peter Silberman, and C.H.A.O.S
- Shadow Walker by Sherri Sparks and Jamie Butler
- He4Hook by He4 Team
- Sebek by The Honeynet Project
- Summary
- Summary of Countermeasures
- 5 Virtual Rootkits
- Overview of Virtual Machine Technology
- Types of Virtual Machines
- The Hypervisor
- Virtualization Strategies
- Virtual Memory Management
- Virtual Machine Isolation
- Virtual Machine Rootkit Techniques
- Rootkits in the Matrix: How Did We Get Here?!
- What Is a Virtual Rootkit?