Virus/Rootkits/Malware



Professional Rootkits
Author: Ric Vieler
Publisher: Wrox
Year: 2007
Pages: 360
Amazon's book description: This book provides the detailed, step-by-step instructions and examples required to produce full-featured, robust rootkits. Presented in modular sections, source code from each chapter can be used separately or together to produce highly specific functionality. In addition, Vieler details the loading, configuration, and control techniques used to deploy rootkits. All ancillary software is fully detailed with supporting source code and links to the compilers, utilities, and scripts necessary to build and run every example provided.




Designing BSD Rootkits: An Introduction to Kernel Hacking
Author: Joseph Kong
Publisher: No Starch Press
Year: 2007
Pages: 144
Amazon's book description: Though rootkits have a fairly negative image, they can be used for both good and evil. Designing BSD Rootkits arms you with the knowledge you need to write offensive rootkits, to defend against malicious ones, and to explore the FreeBSD kernel and operating system in the process. Organized as a tutorial, Designing BSD Rootkits will teach you the fundamentals of programming and developing rootkits under the FreeBSD operating system. Author Joseph Kong's goal is to make you smarter, not to teach you how to write exploits or launch attacks. You'll learn how to maintain root access long after gaining access to a computer and how to hack FreeBSD.




Rootkits for Dummies
Author: Larry Stevenson, Nancy Altholz
Publisher: For Dummies; Pap/Cdr edition
Year: 2007
Pages: 380
Amazon's book description: A rootkit is a type of malicious software that gives the hacker "root" or administrator access to your network. They are activated before your system's operating system has completely booted up, making them extremely difficult to detect. Rootkits allow hackers to install hidden files, processes, and hidden user accounts. Hackers can use them to open back doors in order to intercept data from terminals, connections, and keyboards. A rootkit hacker can gain access to your systems and stay there for years, completely undetected.




Rootkits, Spyware/Adware, Keyloggers and Backdoors: Detection and Neutralization
Author: Oleg Zaytsev
Publisher: A-List Publishing
Year: 2006
Pages: 300
Amazon's book description: Covering the wide range of technologies implemented by contemporary malware programs such as rootkits, keyloggers, spyware, adware, back doors, and network and mail worms, this practical guide for system administrators and experienced users covers approaches to computer investigation and how to locate and destroy malicious programs without using antiviral software. Examples such as protocol fragments, operating principles of contemporary malicious programs, and an overview of specialized software for finding and neutralizing malware are presented, and the accompanying CD-ROM includes programs for system analysis and an antiviral utility intended for investigating the system and detecting rootkits and keyloggers.




Computer Viruses and Malware
Author: John Aycock
Publisher: Springer
Year: 2006
Pages: 227
Amazon's book description: Our Internet-connected society increasingly relies on computers. As a result, attacks on computers from malicious software have never been a bigger concern. Computer Viruses and Malware draws together hundreds of sources to provide an unprecedented view of malicious software and its countermeasures. This book discusses both the technical and human factors involved in computer viruses, worms, and anti-virus software. It also looks at the application of malicious software to computer crime and information warfare.




The Art of Computer Virus Research and Defense
Author: Peter Szor
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 744
Amazon's book description: Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.




Rootkits: Subverting the Windows Kernel
Author: Greg Hoglund, Jamie Butler
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 352
Amazon's book description: Rootkits are the ultimate backdoor, giving hackers ongoing and virtually undetectable access to the systems they exploit. Now, two of the world's leading experts have written the first comprehensive guide to rootkits: what they are, how they work, how to build them, and how to detect them. Rootkit.com's Greg Hoglund and James Butler created and teach Black Hat's legendary course in rootkits. In this book, they reveal never-before-told offensive aspects of rootkit technology--learn how attackers can get in and stay in for years, without detection.




Malware: Fighting Malicious Code
Author: Ed Skoudis, Lenny Zeltser
Publisher: Prentice Hall PTR
Year: 2003
Pages: 672
Amazon's book description: This book devotes a full chapter to each type of malware: viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn.




Malicious Mobile Code: Virus Protection for Windows
Author: Roger Grimes
Publisher: O'Reilly Media
Year: 2001
Pages: 542
Amazon's book description: Defending Microsoft Windows against viruses requires careful attention to emerging technical alerts and diligence in installing manufacturers' latest patches and upgrades. You'll do a better job of keeping Windows secure if you have a body of background knowledge about security weaknesses in Windows and familiarity with good security practices. That, for the most part, is what Malicious Mobile Code is about. Roger Grimes shares facts, tells stories, and reveals technical details that will make you realize how serious a threat is posed by malicious mobile code (a catch-all term Grimes uses to describe viruses, Trojans, and the like). Further, his exposition will likely motivate you to take the precautions he recommends.