Malware: Fighting Malicious Code Paperback

ISBN-13: 007-6092022046 ISBN-10: 0131014056

Product Details

  • Paperback: 672 pages
  • Publisher: Prentice Hall (November 17, 2003)
  • Language: English
  • ISBN-10: 0131014056
  • ISBN-13: 978-0131014053
  • Product Dimensions: 9.2 x 6.9 x 1.5 inches
  • Shipping Weight: 2.8 pounds
  • Average Customer Review: 4.9 out of 5 stars (19 customer reviews)
  • Amazon Best Sellers Rank: #323,835 in Books

Editorial Reviews

From the Back Cover

  • Reveals how attackers install malicious code and how they evade detection
  • Shows how you can defeat their schemes and keep your computers and network safe!
  • Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats
  • Explains how to handle today's threats, with an eye on handling the threats to come

"This is a truly outstanding book - enormous technical wealth and beautifully written."
—Warwick Ford

"Ed does it again, piercing the veil of mystery surrounding many of the more technical aspects of computer security!"
—Harlan Carvey, CISSP

"This book is entertaining and informative, while justifiably scaring you. Luckily it also tells you how to protect yourself, but makes you realize it's going to be a permanent spy-vs-spy struggle."
—Radia Perlman, Distinguished Engineer, Sun Microsystems

Keep control of your systems out of the hands of unknown attackers

Ignoring the threat of malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data, all without your knowledge! Written for computer pros and savvy home users by computer security expert Edward Skoudis, Malware: Fighting Malicious Code covers everything you need to know about malware, and how to defeat it!

This book devotes a full chapter to each type of malware: viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn. This book includes:

  • Solutions and examples that cover both UNIX® and Windows®
  • Practical, time-tested, real-world actions you can take to secure your systems
  • Instructions for building your own inexpensive malware code analysis lab so you can get familiar with attack and defensive tools harmlessly!

Malware: Fighting Malicious Code is intended for system administrators, network personnel, security personnel, savvy home computer users, and anyone else interested in keeping their systems safe from attackers.

About the Author

Ed Skoudis is a computer security consultant with International Network Services. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed secure network architectures, and responded to computer attacks. A frequent speaker on issues associated with hacker tools and effective defenses, Ed has published several articles, as well as the highly acclaimed Counter Attack: A Step-by-Step Guide to Computer Attacks and Effective Defenses (Prentice Hall PTR, 2001).

Customer Reviews

4.9 out of 5 stars (19 customer reviews)

  • 5 star: 18
  • 4 star: 0
  • 3 star: 1
  • 2 star: 0
  • 1 star: 0

I highly recommend that all security professionals read this book.
JOSEPH P. BOWLING
Ed is able to explain complex technical material in a way that's easy to digest and enjoyable to the reader.
Jeff Pike
The Analysis chapter gives you an excellent outline for setting up a malware analysis lab.
Thomas Duff

Most Helpful Customer Reviews

32 of 36 people found the following review helpful By John L. Berger on April 16, 2004
Format: Paperback
Working with a computer that doesn't want to behave on its own is frustrating enough. Between buggy code and the blue screen of death, many of us have wanted to throw our computers against the wall. Unfortunately, not only do we need to deal with these wonderful, little problems, but we also need to deal with programs that are intentionally trying to inflict problems on or through our computers.
These programs, collectively called "malware", include many different categories; however, we know them best as the "virus", "Trojan horse", "rootkits", "backdoors", and a lot of others. These malware tools (based on "mal", the Latin word for "bad" or "evil") are the bane not only of system administrators but also of the average home user who just doesn't know any better.
"Malware: Fighting Malicious Code" by Ed Skoudis is meant to educate the reader not only of the dangers of malware but also of ways to combat malware.
"To defeat your enemy, you first must know him." - Sun Tzu
This phrase is the core philosophy of this book. This 647-page fighter's manual is the computer-age version of Tzu's "The Art of War", except in this case the war is between you and the low-life morons who create the programs that facilitated the need for Skoudis to write this book.
I found this book to be far more fascinating than I thought it would be. After all, how exciting can a book about virii and Trojan horses really be? "Malware" is written with a surprising amount of detailed, historical facts, real-world examples, and light-hearted humor that help to keep your attention. The author also takes extra steps to differentiate between the various types of malware. After all, how many people do you know who continually (and incorrectly) use "virus", "Trojan horse", and "worm" interchangeably?
13 of 13 people found the following review helpful By W Boudville (Hall of Fame, Top 1000 Reviewer, Vine Voice) on December 13, 2003
Format: Paperback
Utterly fascinating. It comprehensively surveys the field of malware. It clearly explains viruses, worms and Trojans. Plus, given the universal prevalence of browsers on computers these days, careful attention is given to infiltrations via buggy browsers.
The authors write in an easy-to-follow style, aimed at the programmer. Though if you are not such, but know the rudiments of computers as a user, you can follow most of the discussion.
If you have ever wondered at the brief explanations of viruses or worms that appear in the general media, or even in the technical magazines, then this is an instructive book. For example, you have probably heard of "buffer overflows". But due to the constraints of space or audience type, the explanations left you unsatisfied. Turn instead here.
Some of you may look askance upon this book. After all, haven't the authors just written a HowTo for new malware wretches? Strictly, perhaps so. But before you berate the authors, consider this. The top malware writers probably devote the bulk of their formidable intellectual creativity to malware. But if you want to guard against it, and you are a programmer or sysadmin, typically this is not your only responsibility. Without a book like this, it is much harder to come up to speed. You then face a very unlevel playing field.
The only strange thing about this book is that there should be more like it, at its level of detail. If you survey the field of computer books, it can seem like there are multiple books on most topics, no matter how obscure. But on THIS topic, which is of broad, pervasive import to most users, there exists little.
Until now.
10 of 10 people found the following review helpful By John A. Faulkner on January 27, 2005
Format: Paperback
This book provides the best review of malicious software that is presently available. If you need a comprehensive reference then this is the book for you. The author is a well-known and respected security analyst and this book provides solid information at a level suitable for the system administrator. Unlike so many books of this type, it is not a camouflaged endorsement of some vendor's products or a simplistic and alarmist text.

Topics covered include:

- viruses, with a brief history and description of the various types and their mechanisms;

- worms, again with a brief history and description of the various types and their mechanisms;

- mobile code, including browser scripts, ActiveX controls, Java applets and mobile code as it occurs in email clients and distributed applications. Given the increasing amount of mobile code, this is particularly valuable;

- backdoors, particularly Netcat and VNC but covering some others as well;

- trojans including wrappers, source poisoning and browser co-option;

- rootkits for Unix and Windows;

- kernel-mode rootkits for Linux and Windows;

- possible modes, including BIOS and microcode attacks.

"Encyclopedic" is the only description I can give, but be warned that it's not for the general reader, or for newbies.
11 of 12 people found the following review helpful By Richard Bejtlich on June 13, 2004
Format: Paperback
I reviewed Ed's "Counter Hack" in Nov 2001, giving it five stars as the perfect introduction for newcomers to the security field. 2 1/2 years later I'm happy to say "Malware" delivers the same quality, clarity, and insight that made "Counter Hack" a winner. My only regret is not having read and reviewed "Malware" sooner!
One of the impressive aspects of this book is the degree to which it is "future-proofed." Ed looks at current threats like worms, viruses, trojans, and user- and kernel-mode rootkits, like any author might. He then takes malicious software to the next level, from the kernel to BIOS and finally to CPU microcode. These BIOS- and microcode-level attacks are still largely theoretical (aside from BIOS-destroying code), at least as far as the public knows. When the world sees these threats emerge, "Malware" will be waiting to explain their capabilities.
Ed writes exceptionally well, bringing coverage of Linux and Windows kernel internals to the masses. I enjoyed learning about the trojaned Tcpdump distribution, anti-forensics, DLL injection, and API hooking. Lenny Zeltser's chapters on malware analysis were helpful as well, and I recommend attending his reverse engineering classes. The book also shines with respect to skillful use of tables and diagrams to explain key points.
The only technical inaccuracy I found was the proposition that UNIX filesystems maintain a c_time as "creation time" (p. 319 and elsewhere). c_time is "change of inode time," like changing permissions on a file. Windows' NTFS "c_time" is indeed "creation time," however. I also found myself skipping many of the author's analogies, like the king, knights, castle, etc.