By Greg Hoglund
"It's primary that everyone operating within the box of cyber-security learn this publication to appreciate the growing to be probability of rootkits."
--Mark Russinovich, editor, home windows IT seasoned / home windows & .NET Magazine
"This fabric is not just up to date, it defines updated. it really is really state of the art. because the in basic terms publication at the topic, Rootkits might be of curiosity to any home windows safety researcher or safety programmer. it really is exact, good researched and the technical info is great. the extent of technical element, learn, and time invested in constructing correct examples is notable. in a single observe: Outstanding."
--Tony Bautts, safeguard advisor; CEO, Xtivix, Inc.
"This booklet is an important learn for somebody answerable for home windows safeguard. protection execs, home windows process directors, and programmers commonly probably want to comprehend the strategies utilized by rootkit authors. At a time whilst many IT and safeguard execs are nonetheless being concerned concerning the most modern electronic mail virus or tips on how to get all of this month's safeguard patches put in, Mr. Hoglund and Mr. Butler open your eyes to a couple of the main stealthy and critical threats to the home windows working procedure. purely through knowing those offensive thoughts are you able to adequately guard the networks and platforms for that you are responsible."
--Jennifer Kolde, defense advisor, writer, and Instructor
"What's worse than being owned? now not figuring out it. discover what it potential to be owned by way of examining Hoglund and Butler's first-of-a-kind e-book on rootkits. on the apex the malicious hacker toolset--which comprises decompilers, disassemblers, fault-injection engines, kernel debuggers, payload collections, insurance instruments, and circulation research tools--is the rootkit. starting the place Exploiting software program left off, this ebook indicates how attackers conceal in simple sight.
"Rootkits are super strong and are the subsequent wave of assault expertise. Like different varieties of malicious code, rootkits thrive on stealthiness. They cover clear of regular approach observers, applying hooks, trampolines, and patches to get their paintings performed. refined rootkits run in this sort of means that different courses that typically display screen desktop habit cannot simply become aware of them. A rootkit hence offers insider entry in basic terms to those that be aware of that it really is working and to be had to simply accept instructions. Kernel rootkits can conceal records and working procedures to supply a backdoor into the objective machine.
"Understanding the last word attacker's device offers a big motivator for these people attempting to shield structures. No authors are larger fitted to provide you with a close hands-on knowing of rootkits than Hoglund and Butler. larger to possess this booklet than to be owned."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting software program (2004) and development safe software program (2002), either from Addison-Wesley
"Greg and Jamie are certainly the go-to specialists in terms of subverting the home windows API and growing rootkits. those masters come jointly to pierce the veil of poser surrounding rootkits, bringing this knowledge out of the shadows. a person even remotely drawn to defense for home windows platforms, together with forensic research, should still contain this e-book very excessive on their must-read list."
--Harlan Carvey, writer of home windows Forensics and Incident restoration (Addison-Wesley, 2005)
Rootkits are the final word backdoor, giving hackers ongoing and almost undetectable entry to the structures they take advantage of. Now, of the world's prime specialists have written the 1st entire advisor to rootkits: what they're, how they paintings, the right way to construct them, and the way to become aware of them. Rootkit.com's Greg Hoglund and James Butler created and train Black Hat's mythical path in rootkits. during this publication, they exhibit never-before-told offensive elements of rootkit technology--learn how attackers can get in and remain in for years, with no detection.
Hoglund and Butler express precisely how one can subvert the home windows XP and home windows 2000 kernels, instructing thoughts which are simply utilized to nearly any smooth working approach, from home windows Server 2003 to Linux and UNIX. They educate rootkit programming options that may be used for a variety of software program, from white hat protection instruments to working approach drivers and debuggers.
After studying this publication, readers should be capable to
- Understand the function of rootkits in distant command/control and software program eavesdropping
- Build kernel rootkits that could make tactics, documents, and directories invisible
- Master key rootkit programming recommendations, together with hooking, runtime patching, and without delay manipulating kernel gadgets
- Work with layered drivers to enforce keyboard sniffers and dossier filters
- Detect rootkits and construct host-based intrusion prevention software program that resists rootkit attacks
Read or Download Rootkits: Subverting the Windows Kernel PDF
Similar Comptia books
Best-of-the-best directions for dealing with low voltage wiring The A-Z reference on designing, fitting, protecting, and troubleshooting smooth safety and fireplace alarm platforms is now totally updated in a brand new version. ready via Terry Kennedy and John E. Traister, authors with over 3 many years of hands-on adventure apiece within the building undefined, Low Voltage Wiring: Security/Fire Alarm structures, 3rd variation presents all of the applicable wiring info you want to paintings on defense and fireplace alarm platforms in residential, advertisement, and business structures.
Examine in-depth perception into how hackers infiltrate e-business and the way they are often stopped. The booklet includes up to date hacks and countermeasures, together with the most recent denial of carrier assaults, e mail assaults, viruses, and net hacks. there's additionally insurance of home windows XP Server. The CD comprises customized scripts created, seller instruments, a default password database, and an digital define of the publication with reside hyperlinks to the entire instruments which are referenced within the e-book.
"The e-book is of large final result and strength price. The Java 2 Platform protection represents an boost of significant proportions, and the data during this booklet is captured nowhere else. " --Peter G. Neumann, crucial Scientist, SRI overseas desktop technology Lab, writer of Computer-Related hazards, and Moderator of the hazards discussion board "Profound!
The Hands-On, sensible advisor to fighting Ajax-Related protection Vulnerabilities a growing number of sites are being rewritten as Ajax functions; even conventional laptop software program is quickly relocating to the internet through Ajax. yet, all too usually, this transition is being made with reckless overlook for safeguard.
Extra info for Rootkits: Subverting the Windows Kernel