LEADER |
00000cam a22000008i 4500 |
001 |
OR_on1005741834 |
003 |
OCoLC |
005 |
20231017213018.0 |
006 |
m o d |
007 |
cr ||||||||||| |
008 |
171005s2019 cau ob 001 0 eng |
010 |
|
|
|a 2017048113
|
040 |
|
|
|a DLC
|b eng
|e rda
|e pn
|c DLC
|d OCLCF
|d OCLCO
|d OCLCA
|d OCLCQ
|d N$T
|d OCL
|d CEF
|d G3B
|d UMI
|d RECBK
|d C6I
|d EBLCP
|d COO
|d OCL
|d OCLCO
|d OCLCQ
|
019 |
|
|
|a 1102606598
|a 1103555590
|a 1103671222
|
020 |
|
|
|a 1593278837
|q (epub)
|
020 |
|
|
|a 9781593278830
|q (electronic bk.)
|
020 |
|
|
|z 9781593277161
|q (pbk.)
|
024 |
8 |
|
|a 9781492071259
|
028 |
0 |
2 |
|a EB00756212
|b Recorded Books
|
029 |
1 |
|
|a AU@
|b 000065313640
|
029 |
1 |
|
|a CHNEW
|b 001059195
|
029 |
1 |
|
|a CHVBK
|b 569757983
|
029 |
1 |
|
|a AU@
|b 000073549968
|
035 |
|
|
|a (OCoLC)1005741834
|z (OCoLC)1102606598
|z (OCoLC)1103555590
|z (OCoLC)1103671222
|
037 |
|
|
|a CL0501000051
|b Safari Books Online
|
042 |
|
|
|a pcc
|
050 |
1 |
0 |
|a QA76.9.A25
|
082 |
0 |
0 |
|a 005.8
|2 23
|
049 |
|
|
|a UAMI
|
100 |
1 |
|
|a Matrosov, Alex,
|e author.
|
245 |
1 |
0 |
|a Rootkits and bootkits :
|b reversing modern malware and next generation threats /
|c by Alex Matrosov, Eugene Rodionov, and Sergey Bratus.
|
263 |
|
|
|a 1802
|
264 |
|
1 |
|a San Francisco :
|b No Starch Press, Inc.,
|c [2019]
|
300 |
|
|
|a 1 online resource
|
336 |
|
|
|a text
|b txt
|2 rdacontent
|
337 |
|
|
|a computer
|b c
|2 rdamedia
|
338 |
|
|
|a online resource
|b cr
|2 rdacarrier
|
347 |
|
|
|a text file
|
520 |
|
|
|a "Presents information on the history of malware, how it works and how to identify it, and how to counter and prevent threats"--
|c Provided by publisher
|
588 |
0 |
|
|a Print version record and CIP data provided by publisher; resource not viewed.
|
504 |
|
|
|a Includes bibliographical references and index.
|
505 |
0 |
|
|a Intro; Brief Contents; Contents in Detail; Foreword; Acknowledgments; Abbreviations; Introduction; Why Read This Book?; What's in the Book?; Part 1: Rootkits; Part 2: Bootkits; Part 3: Defense and Forensic Techniques; How to Read This Book; Part I: Rootkits; Chapter 1: What's in a Rootkit: The TDL3 Case Study; History of TDL3 Distribution in the Wild; Infection Routine; Controlling the Flow of Data; Bring Your Own Linker; How TDL3's Kernel-Mode Hooks Work; The Hidden Filesystem; Conclusion: TDL3 Meets Its Nemesis; Chapter 2: Festi Rootkit: The Most Advanced Spam and DDoS Bot
|
505 |
8 |
|
|a The Case of Festi Botnet; Dissecting the Rootkit Driver; Festi Configuration Information for C & C Communication; Festi's Object-Oriented Framework; Plug-in Management; Built-in Plug-ins; Anti-Virtual Machine Techniques; Antidebugging Techniques; The Method for Hiding the Malicious Driver on Disk; The Method for Protecting the Festi Registry Key; The Festi Network Communication Protocol; Initialization Phase; Work Phase; Bypassing Security and Forensics Software; The Domain Generation Algorithm for C & C Failure; Malicious Functionality; The Spam Module; The DDoS Engine; Festi Proxy Plug-in
|
505 |
8 |
|
|a Conclusion; Chapter 3: Observing Rootkit Infections; Methods of Interception; Intercepting System Events; Intercepting System Calls; Intercepting the File Operations; Intercepting the Object Dispatcher; Restoring the System Kernel; The Great Rootkits Arms Race: A Nostalgic Note; Conclusion; Part II: Bootkits; Chapter 4: Evolution of the Bootkit; The First Bootkits; Boot Sector Infectors; Elk Cloner and Load Runner; The Brain Virus; The Evolution of Bootkits; The End of the BSI Era; The Kernel-Mode Code Signing Policy; The Rise of Secure Boot; Modern Bootkits; Conclusion
|
505 |
8 |
|
|a Chapter 5: Operating System Boot Process Essentials; High-Level Overview of the Windows Boot Process; The Legacy Boot Process; The Windows Boot Process; BIOS and the Preboot Environment; The Master Boot Record; The Volume Boot Record and Initial Program Loader; The bootmgr Module and Boot Configuration Data; Conclusion; Chapter 6: Boot Process Security; The Early Launch Anti-Malware Module; API Callback Routines; How Bootkits Bypass ELAM; Microsoft Kernel-Mode Code Signing Policy; Kernel-Mode Drivers Subject to Integrity Checks; Location of Driver Signatures; The Legacy Code Integrity Weakness
|
505 |
8 |
|
|a The ci.dll Module; Defensive Changes in Windows 8; Secure Boot Technology; Virtualization-Based Security in Windows 10; Second Level Address Translation; Virtual Secure Mode and Device Guard; Device Guard Limitations on Driver Development; Conclusion; Chapter 7: Bootkit Infection Techniques; MBR Infection Techniques; MBR Code Modification: The TDL4 Infection Technique; MBR Partition Table Modification; VBR/IPL Infection Techniques; IPL Modifications: Rovnix; VBR Infection: Gapz; Conclusion; Chapter 8: Static Analysis of a Bootkit Using IDA Pro; Analyzing the Bootkit MBR
|
542 |
|
|
|f Copyright © No Starch Press
|
590 |
|
|
|a O'Reilly
|b O'Reilly Online Learning: Academic/Public Library Edition
|
650 |
|
0 |
|a Computer security.
|
650 |
|
0 |
|a Malware (Computer software)
|
650 |
|
6 |
|a Sécurité informatique.
|
650 |
|
6 |
|a Logiciels malveillants.
|
650 |
|
7 |
|a COMPUTERS
|x Security
|x Viruses & Malware.
|2 bisacsh
|
650 |
|
7 |
|a Computer security.
|2 fast
|0 (OCoLC)fst00872484
|
650 |
|
7 |
|a Malware (Computer software)
|2 fast
|0 (OCoLC)fst01748230
|
700 |
1 |
|
|a Rodionov, Eugene,
|e author.
|
700 |
1 |
|
|a Bratus, Sergey,
|e author.
|
776 |
0 |
8 |
|i Print version:
|a Matrosov, Alex.
|t Rootkits and bootkits.
|d San Francisco : No Starch Press, Inc., [2019]
|z 9781593277161
|w (DLC) 2017022905
|
856 |
4 |
0 |
|u https://learning.oreilly.com/library/view/~/9781492071259/?ar
|z Full text (requires prior registration with institutional email)
|
938 |
|
|
|a ProQuest Ebook Central
|b EBLB
|n EBL6071802
|
938 |
|
|
|a EBSCOhost
|b EBSC
|n 2037795
|
938 |
|
|
|a Recorded Books, LLC
|b RECE
|n rbeEB00756212
|
994 |
|
|
|a 92
|b IZTAP
|