Book Review - Malware: Fighting Malicious Code by Ed Skoudis with Lenny Zeltser
One of the most comprehensive books I've seen lately on malware is Malware: Fighting Malicious Code by Ed Skoudis with Lenny Zeltser (Prentice Hall).
Chapter list: Introduction; Viruses; Worms; Malicious Mobile Code; Backdoors; Trojan Horses; User-Mode Rootkits; Kernel-Mode Rootkits; Going Deeper; Scenarios; Malware Analysis; Conclusion; Index
In each of these chapters, the authors give a brief history of that malware type, an in-depth explanation of how it works, and thorough coverage of how to defend against it. Each chapter wraps up with a conclusion, a summary, and the list of references for the chapter. Readers looking for detailed information won't be disappointed. Readers getting their first exposure to the material will find the writing style easy to follow and not overwhelming.
I personally enjoyed the chapters on Malware Analysis and Scenarios. The Analysis chapter gives you an excellent outline for setting up a malware analysis lab. You'll learn how to set up the hardware, protect yourself against leakage to other networks, and what software is needed to do your analysis. Following this outline, you'll be well-prepared to track down malware like a pro. The Scenarios chapter is also excellent. The authors set up three malware scenarios with actual people and configurations, and show how certain choices and mistakes can lead to disaster. There's lots of good learning material here.
Great book, excellent material, and a definite must for your security bookshelf.