Trojans, Worms, and Spyware - Michael Erbschloe

Trojans, Worms, and Spyware (eBook)

A Computer Security Professional's Guide to Malicious Code

Michael Erbschloe (Autor)

eBook Download: PDF

2004 | 1. Auflage
232 Seiten
Elsevier Science (Verlag)
978-0-08-051968-5 (ISBN)

Trojans, Worms, and Spyware provides practical, easy to understand, and readily usable advice to help organizations to improve their security and reduce the possible risks of malicious code attacks. Despite the global downturn, information systems security remains one of the more in-demand professions in the world today. With the widespread use of the Internet as a business tool, more emphasis is being placed on information security than ever before. To successfully deal with this increase in dependence and the ever growing threat of virus and worm attacks, Information security and information assurance (IA) professionals need a jargon-free book that addresses the practical aspects of meeting new security requirements.

This book provides a comprehensive list of threats, an explanation of what they are and how they wreak havoc with systems, as well as a set of rules-to-live-by along with a system to develop procedures and implement security training. It is a daunting task to combat the new generation of computer security threats - new and advanced variants of Trojans, as well as spyware (both hardware and software) and bombs - and Trojans, Worms, and Spyware will be a handy must-have reference for the computer security professional to battle and prevent financial and operational harm from system attacks.

*Provides step-by-step instructions to follow in the event of an attack
*Case studies illustrate the do's, don'ts, and lessons learned from infamous attacks
*Illustrates to managers and their staffs the importance of having protocols and a response plan in place

Trojans, Worms, and Spyware provides practical, easy to understand, and readily usable advice to help organizations to improve their security and reduce the possible risks of malicious code attacks. Despite the global downturn, information systems security remains one of the more in-demand professions in the world today. With the widespread use of the Internet as a business tool, more emphasis is being placed on information security than ever before. To successfully deal with this increase in dependence and the ever growing threat of virus and worm attacks, Information security and information assurance (IA) professionals need a jargon-free book that addresses the practical aspects of meeting new security requirements. This book provides a comprehensive list of threats, an explanation of what they are and how they wreak havoc with systems, as well as a set of rules-to-live-by along with a system to develop procedures and implement security training. It is a daunting task to combat the new generation of computer security threats - new and advanced variants of Trojans, as well as spyware (both hardware and software) and "e;bombs? - and Trojans, Worms, and Spyware will be a handy must-have reference for the computer security professional to battle and prevent financial and operational harm from system attacks.*Provides step-by-step instructions to follow in the event of an attack *Case studies illustrate the "e;do's,"e; "e;don'ts,"e; and lessons learned from infamous attacks *Illustrates to managers and their staffs the importance of having protocols and a response plan in place

Cover 1
Table of Contents 8
Preface 14
Introduction 16
Inside This Book 18
Acknowledgements 20
Chapter 1. Malicious Code Overview 22
Why Malicious Code Attacks Are Dangerous 24
Impact of Malicious Code Attacks on Corporate Security 27
Why Malicious Code Attacks Work 29
Action Steps to Combat Malicious Code Attacks 36
Chapter 2. Types of Malicious Code 38
E-mail Viruses and Miscellaneous Viruses 39
Trojans and Other Backdoors 43
Worms 44
Blended Threats 45
Time Bombs 46
Spyware 46
Adware 47
Stealware 49
Action Steps to Combat Malicious Code Attacks 50
Chapter 3. Review of Malicious Code Incidents 52
Historic Tidbits 53
The Morris Worm 56
Melissa 57
Love Bug 58
Code Red(s) 63
SirCam 64
Nimda 65
Slammer 65
The Summer of 2003 Barrage of Blaster, Sobig, and More 66
Early 2004 with MyDoom, Netsky, and More 67
Action Steps to Combat Malicious Code Attacks 68
Chapter 4. Basic Steps to Combat Malicious Code Attacks 72
Understanding the Risks 73
Using Security Policies to Set Standards 75
System and Patch Updates 77
Establishing a Computer Incident Response Team 78
Training for IT Professionals 80
Training End Users 81
Applying Social Engineering Methods in an Organization 82
Working with Law Enforcement Agencies 83
Action Steps to Combat Malicious Code Attacks 86
Chapter 5. Organizing for Security, Prevention, and Response 90
Organization of the IT Security Function 90
Where Malicious Code Attack Prevention Fits into the IT Security Function 93
Staffing for Malicious Code Prevention in IT 95
Budgeting for Malicious Code Prevention 98
Evaluating Products for Malicious Code Prevention 101
Establishing and Utilizing an Alert System 102
Establishing and Utilizing a Reporting System 104
Corporate Security and Malicious Code Incident Investigations 105
Action Steps to Combat Malicious Code Attacks 106
Chapter 6. Controlling Computer Behavior of Employees 110
Policies on Appropriate Use of Corporate Systems 111
Monitoring Employee Behavior 113
Web Site Blockers and Internet Filters 114
Cookie and Spyware Blockers 118
Pop-up Blockers 120
Controlling Downloads 121
SPAM Control 124
Action Steps to Combat Malicious Code Attacks 128
Chapter 7. Responding to a Malicious Code Incident 130
About the Case Study 131
The First Report of a Malicious Code Attack 133
The Confirmation Process 135
Mobilizing the Response Team 136
Notifying Management 137
Using an Alert System and Informing End Users 137
Cleanup and Restoration 138
Controlling and Capturing Malicious Code 140
Identifying the Source of Malicious Code 141
Preserving Evidence 143
When to Call Law Enforcement and What to Expect 143
Enterprise-wide Eradication 145
Returning to Normal Operations 147
Analyzing Lessons Learned 149
Action Steps to Combat Malicious Code Attacks 151
Chapter 8. Model Training Program for End Users 154
Explaining Why the Training Is Important 155
Explaining the Appropriate-Use Policy for Computers and Networks 162
Explaining How the Help Desk and PC Support of the Organization Works 164
Providing Basic Information about Malicious code 166
Covering the Basic Do’s and Don’ts of Computer Usage to Prevent Attacks 170
Explaining How to Identify and Report Malicious Code 172
Explaining What Employees Should Expect from the IT Department During Incident Response 173
Performing the Administrative Aspects of a Training Program 175
Action Steps to Combat Malicious Code Attacks 175
Chapter 9. The Future of Malicious Code 178
Military-Style Information Warfare 179
Open-Source Information Warfare 187
Militancy and Social Action 195
Homeland Security Efforts 198
Action Steps to Combat Malicious Code Attacks 205
References 205
Appendix–Computer Security Resources 206
Central Command 206
CERT/CC 206
CIO Security and Privacy Research Center 206
CISSP and SSCP Open Study Guide 206
Common Vulnerabilities and Exposures (CVE) 206
Computer Associates Virus Information Center 207
Department of Homeland Security 207
Federal Trade Commission 207
F-Secure Security Information Center 207
GFI Security Lab 207
ICSA Information Security Magazine 207
InfoSysSec 207
InfraGuard 207
Internet Security Review Magazine 208
Internet Storm Center 208
McAfee Avert Virus Information Library 208
MessageLabs: Current Threats 208
Microsoft Security Advisor 208
NIST Computer Security Resource Clearinghouse 208
NIST Virus Information Page 209
NSA Information Assurance Program 209
Panda Software Virus Info 209
SC Info Security Magazine 209
Security Magazine 209
SecurityFocus 209
SecurityGeeks 209
Sophos Virus Information 209
Symantec Security Response 210
Trend Micro Virus Information Center 210
Virus Bulletin 210
VirusList.com 210
Index 212

Erscheint lt. Verlag	21.9.2004
Sprache	englisch
Themenwelt	Sachbuch/Ratgeber
	Informatik ► Netzwerke ► Sicherheit / Firewall
	Informatik ► Theorie / Studium ► Kryptologie
	Mathematik / Informatik ► Informatik ► Web / Internet
ISBN-10	0-08-051968-7 / 0080519687
ISBN-13	978-0-08-051968-5 / 9780080519685

Haben Sie eine Frage zum Produkt?

PDF (Adobe DRM)
Größe: 741 KB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Andere Ausgabe

Buch | Softcover (2004)

54,85 €