Malicious Mobile Code: Virus Protection for Windows (O'Reilly Computer Security) [Paperback]

Roger A. Grimes (Author)

Book Description

Publication Date: August 2001

Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy.

The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out in Malicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book?

Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers:

• The current state of the malicious code writing and cracker community
• How malicious code works, what types there are, and what it can and cannot do
• Common anti-virus defenses, including anti-virus software
• How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it
• Macro viruses affecting MS Word, MS Excel, and VBScript
• Java applets and ActiveX controls
• Enterprise-wide malicious code protection
• Hoaxes
• The future of malicious mobile code and how to combat such code

These days, when it comes to protecting both home computers and company networks against malicious code, the stakes are higher than ever. Malicious Mobile Code is the essential guide for securing a system from catastrophic loss.

Editorial Reviews

Amazon.com Review

Defending Microsoft Windows against viruses requires careful attention to emerging technical alerts and diligence in installing manufacturers' latest patches and upgrades. You'll do a better job of keeping Windows secure if you have a body of background knowledge about security weaknesses in Windows and familiarity with good security practices. That, for the most part, is what Malicious Mobile Code is about. Roger Grimes shares facts, tells stories, and reveals technical details that will make you realize how serious a threat is posed by malicious mobile code (a catch-all term Grimes uses to describe viruses, Trojans, and the like). Further, his exposition will likely motivate you to take the precautions he recommends.

Some of Grimes's advice is by now obvious (don't run executable files that arrive attached to e-mail messages), but a lot of it will be news to Windows users and even system administrators. For example, he goes into considerable detail on how BackOrifice works, with particular attention to how black-hat hackers use it to build networks of compromised machines that they can use in further attacks. He's liberal with defensive advice, as well, describing how to adjust the settings of your browser, instant messaging client, and other software to stave off attacks. There's much discussion of Registry manipulation, too. More coverage of risks specific to Windows 2000 (and Windows XP, which isn't covered here at all) would make this book better, but since many attacks are generic to 32-bit Windows environments, Grimes's work remains current. --David Wall

Topics covered: Viruses, Trojans, worms, and other nasties--particularly those that can be distributed with e-mail messages, Web pages, or instant messaging tools--that can disable Microsoft Windows, or turn control of it over to unauthorized hackers. Coverage is explanatory, in a "know your enemy" sort of way, and includes lots of defensive strategies.

Review

'This really is a great book for getting your head around Internet security - we wholeheartedly recommend it.' InternetWorks, November 2001 'It seems that most computer books are about 40mm thick, with approximately one third of that representing 'useful' information. O'Reilly have a reputation, as publishers, for distilling their texts so that only the 'third' is published. Malicious Mobile Code (MMC) is 25mm thick - I would hate to see the tome another publisher would have produced!' - Paul Baccas, Virus Bulletin, October 2001 "Offers excellent understanding of the subject matter" - Mike James, Computer Shopper, September 2002

See all Editorial Reviews

Product Details

• Paperback: 542 pages
• Publisher: O'Reilly Media; 1 edition (August 2001)
• Language: English
• ISBN-10: 156592682X
• ISBN-13: 978-1565926820
• Product Dimensions: 9.1 x 7 x 1 inches
• Shipping Weight: 1.7 pounds (View shipping rates and policies)
• Average Customer Review: 4.7 out of 5 stars  See all reviews (6 customer reviews)
• Amazon Best Sellers Rank: #1,905,492 in Books (See Top 100 in Books)
  • #19 in Books > Computers & Technology > Microsoft > Mobile & Handheld Computing

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

14 of 15 people found the following review helpful:

5.0 out of 5 stars A must for anyone in the computer field, August 17, 2001

By 

Miguel Rodriguez (Puerto Rico) - See all my reviews

This review is from: Malicious Mobile Code: Virus Protection for Windows (O'Reilly Computer Security) (Paperback)

I've been in the computer consulting field for over 10 years (DOS, Novell, and Microsoft), and during all that time I've been fighting viruses, and now emailing worms, for my clients. I've always installed the latest antivirus software and told my clients how to treat suspicious emails or files. And while this advice has always worked on my company's network, it seems rarely to have worked at my customer's locations. Mr. Grimes talks about the same experiences in the book. (I was passed an early copy of the book by one of my friends in the antivirus industry). To make a long story short, the book's advice works. It's all commonsense stuff after you read it, and it showed me some new prevention tactics that I will continue to use with existing and future clients.

As for example, one of my clients, with about 100 workstations, seemed to get infected about every three days no matter what I would tell them (one person in particular). And although I love the consulting dollars, it really became a pain disinfecting their network again and again. I followed the steps in the book, and my clients haven't been infected since. It's only been a month, but they went from dozens of infections per week, to none.

Every chapter in the book covers a particular topic, like Windows viruses, Instant Messaging attacks, Email attacks, etc. Mr. Grimes begins by describing the underlying technology, talks about specific attacks, and then tells how to detect and prevent them. Each chapter has dozens of recommendations and his last chapter (actually second to last) talks about what steps you should take on each PC you supervise. This was nice because trying to remember the dozens of steps to take all at once would have been tough. He even covers how to make an anti-virus plan, but that doesn't really apply to my consulting work; however I'm sure it would help a company system admin type.

I can easily say I learned more about Virus attacks on Windows, Java, VBA, and Internet apps than I knew before. I was really surprised by how many places bad programs can hide to automatically start on a computer. There are over a dozen. And for a technical book it was really easy reading. It was the best book I've ever read, and used, on computer viruses. The book included his email address and I sent a question to him and he answered it the same day.

The book covers Windows, no Linux or Mac, but doesn't cover Novell Groupwise in the email chapter but it is well worth the read. Although most of my clients are Microsoft shops, I've still have some Novell shops. It mentions, but doesn't discuss automated distribution tools, like SMS or ZenWorks. If you've got a very large network, you're going to need a good way to automate all the steps. There are few typos and grammar errors, but certainly not enough to take away from the message. Also, like most other antivirus books, it doesn't say what antivirus product to get. Mr. Grimes mentions a few different products, but I was really looking for his recommendation (or anyone) to tell me the best antivirus product out there. It seems they all miss something. Other than these few issues, great book and I highly recommend it.

9 of 9 people found the following review helpful:

5.0 out of 5 stars A great security overview, March 17, 2002

By 

J. J. Kwashnak "voracious reader" (Monroe, LA) - See all my reviews
(VINE VOICE)    (REAL NAME)   

This review is from: Malicious Mobile Code: Virus Protection for Windows (O'Reilly Computer Security) (Paperback)

Keeping up with computer security is a full time job. Grimes has given a clear, precise primer of one aspect of computer security - viruses, trojans, worms - collectively known as malicious mobile code. The book is DOS/Windows centric, but this focus helps you see a) where the threats for the most part, and b) allows you to extend the types of threats into other operating systems. You are taken step by step through the development of malicious code and how and why they can work on some systems, but less effectively on others. The constant refrain of the book shows the author's philosophy: Use an up to date anti-virus product. But if somethign slips by, Grimes shows you ways to react, and lessen the impact if not to this once computer, but to the rest on the network. It is easily one of the most readable books I have encountered on the subject.

This book is an essential reference for any computer manager's toolkit. We can't stop the code writers from producing thier output, but we can work to lessen the impact they can have on us.

5 of 5 people found the following review helpful:

5.0 out of 5 stars A student's perspective, February 14, 2004

By 

Robin J. Baker (Rome, NY United States) - See all my reviews
(REAL NAME)   

This review is from: Malicious Mobile Code: Virus Protection for Windows (O'Reilly Computer Security) (Paperback)

More important than anything else I can say about this book is that it was a good read! Being subject to often boring books on algorithms, and operating systems, this book kept me captivated with its straight forward presentation, and even more remarkable stories. Even if you never plan to start editting a registry, this book is worth reading.

What I got most from this book though was a perpective on dealing with virus (etc) problems overall. Identifying what area of a system needs examining, what precautions should be taken, and even classifying symptoms, was very enlightning. That it was also a major source in a paper I received an A on, doesn't hurt either. I am sure it will come in as a handy reference for some time yet.