Don't let another machine become a zombie in the malware army

 

"A harrowing guide to where the bad guys hide, and how you can find them."
--Dan Kaminsky, Director of Penetration Testing, IOActive

"An amazing resource. It is timely, focused, and what we need to better understand and defend
against one of the greatest cyber threats we face."
--From the Foreword by Lance Spitzner, President of the Honeynet Project

Table of Contents

• Section I: Malware
• Case Study 1
• Chapter 1 - Method of Infection
• Chapter 2 - Malware Functionality
• Section II: Rootkits
• Case Study 2
• Chapter 3 - User Mode Rootkits
• Chapter 4 - Kernel Mode Rootkits
• Chapter 5 - Virtual Rootkits
• Chapter 6 - The Future of Rootkits
• Section III: Prevention Technologies
• Case Study 3
• Chapter 7 - Anti-Virus
• Chapter 8 - Personal Firewalls/Pop Up Blockers
• Chapter 9 - Host Based Intrusion Prevention
• Chapter 10 - Anti-Rootkit Technology
• Chapter 11 - General Security Practices
• Appendix A - Building your own rootkit detector
• Appendix B - About the Companion Web Site
• Appendix C - Links and Resources

Hacking Exposed: Malware and Rootkits hits bookstores October 19, 2009!

Defend against the ongoing wave of malware and rootkit assaults the failsafe Hacking Exposed way. Real-world case studies and examples reveal how today's hackers use readily available tools to infiltrate and hijack systems. Step-by-step countermeasures provide proven prevention techniques. Find out how to detect and eliminate malicious embedded code, block pop-ups and websites, prevent keylogging, and terminate rootkits. The latest intrusion detection, firewall, honeynet, antivirus, anti-rootkit, and anti-spyware technologies are covered in detail.

• Understand how malware infects, survives, and propagates across an enterprise
• Learn how hackers use archivers, encryptors, and packers to obfuscate code
• Implement effective intrusion detection and prevention procedures
• Defend against keylogging, redirect, click fraud, and identity theft threats
• Detect, kill, and remove virtual, user-mode, and kernel-mode rootkits
• Prevent malicious website, phishing, client-side, and embedded-code exploits
• Protect hosts using the latest antivirus, pop-up blocker, and firewall software
• Identify and terminate malicious processes using HIPS and NIPS

© Copyright 2009 Michael A. Davis, Sean Bodmer, and Aaron LeMasters