- Paperback: 744 pages
- Publisher: Wiley; Edition: Pap/Dvdr (October 27, 2010)
- Language: English
- ISBN-10: 0470613033
- ISBN-13: 978-0470613030
- Size and/or weight: 18.3 x 4.1 x 23.4 cm
- Amazon Bestseller Rank: No. 69,199 in Foreign-Language Books
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code (English) Paperback – October 27, 2010
Powerful, step-by-step solutions to dozens of common threats
We called this a cookbook because each "recipe" presents both the ingredients and the steps you take to resolve a specific problem or research a given threat. On the DVD, you'll find supporting files and original programs that provide additional resources. You'll learn how to analyze malware using tools written by the authors as well as hundreds of other publicly available tools. If your job involves incident response, computer forensics, systems security, or antivirus research, this book will become invaluable to you.
* Learn to conduct online investigations without revealing your identity
* Use honeypots to collect malware being distributed by bots and worms
* Build a low-budget malware lab with virtualization or bare bones hardware
* Reverse engineer common encoding and encryption algorithms
* Set up an advanced memory forensics platform for malware analysis
* Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!
On the DVD
Use the files on the DVD to follow along with the recipes or to conduct your own investigations and analyses. You will find:
* Evidence files
* Annotated videos
* Source code
* Windows and Linux tools
* Over 50 original programs in Python, C/C++, and Perl
"The most useful technical security book I've read this year. A must-have for all who protect systems from malicious software."
--Lenny Zeltser, Security Practice Director at Savvis and Senior Faculty Member at SANS Institute
"The ultimate guide for anyone interested in malware analysis."
--Ryan Olson, Director, VeriSign iDefense Rapid Response Team
"Every page is filled with practical malware knowledge, innovative ideas, and useful tools. Worth its weight in gold!"
--AAron Walters, Lead Developer of Volatility and VP of Security R&D at Terremark
About the Author and Other Contributors
Michael Hale Ligh is a malicious code analyst at Verisign iDefense and Chief of Special Projects at MNIN Security.
Steven Adair is a member of the Shadowserver Foundation and frequently analyzes malware and tracks botnets. He also investigates cyber attacks of all kinds with an emphasis on those linked to cyber espionage.
Blake Hartstein is the author of multiple security tools and a Rapid Response Engineer at Verisign iDefense, where he responds to malware incidents.
Matthew Richard has authored numerous security tools and also ran a managed security service for banks and credit unions.
Most helpful customer reviews on Amazon.com
I understand that the concepts are key in the long run, and mentioning specific programs can lead to an outdated book faster, but considering this book just came out, the programs are indeed current and work great. The book goes through a good number of programs freely available on the web or included on DVD, and it describes them and how to use them / configure them as well, rather than simply presenting a list of programs.
The book is detailed and in-depth enough to provide good analysis of malware as well. It does assume some prior knowledge of programming, general security concepts, and different OS's, but it provides clear descriptions of malware analysis tools that are easy to follow.
Overall, it's a good book to pick up and work your way through, rather than read your way through. This is simply the way it's structured. As you read each chapter you feel the need to actually sit in front of a computer and FOLLOW the recipes to learn the material - something that can often be difficult to do with other textbooks. So far, my favorite book on the subject!
I am amazed that this book was written by four people because it is written in a consistent and engaging style throughout. There is so much information!! In any other book this would inevitably be boring. But in this book the wealth of techniques, examples and code snippets is a marvelous buffet of mind tickling delicacies. I feel incredibly lucky to have come across it. It has inspired me to write my own honeypot and my own web vulnerability scanner. I have cataloged all the dodgy attachments sent to me and analyzed them with multiscanners and sandboxes. I no longer have to rely on the accuracy of vendors to scan my system: I can find rootkits myself using Sysinternals and other tools introduced by this book.
This book has enhanced my computer skills and knowledge across the board. I highly recommend it for intermediate-advanced programmers. It does assume a good knowledge of programming and some comfort with Python, C/C++, assembler, and other common programming tools. But everything is explained in English as well, so deep familiarity with any specific language or tool is not required. Buy it and enjoy!!
One suggestion for those looking to purchase this book: it would help you to gain a mild understanding of Python, as many of the very great tools contained within the book rely on Python. It is by no means necessary to understand Python to use the tools, but it would be helpful to better understand what the tools are doing.
I found the 4 chapters on memory analysis to be completely awesome! I have not seen such a wealth of information on memory analysis in one place. The chapters on memory analysis go from the basic analysis of a memory dump to exploring code injection and rootkits to pulling registry and network artifacts from memory.
The book does a great job of introducing the reader to multiple ways of dealing with malware, from using tools for classification, scanning with AV engines and sandboxes to working with DLLs and malware debugging. I really liked how, when a tool is introduced, the authors then usually have a script to automate much of the process. The DVD that comes with the book is worth the price of the book just by itself.
If you work with malware in any capacity, I think this book will benefit you, as it has so much to offer in so many areas when it comes to fighting malicious code.