***** Malware: Fighting Malicious Code. By Ed Skoudis; published by Prentice Hall PTR, www.prenhall.com (Web); 432 pages; $49.99.
Some security professionals who pick up this book will first see the many pages of malicious code, and they will put the book down without going any further, assuming it too technical. That would be a mistake.
With minimal effort, they will find that code examples are explained simply and concisely and are used to emphasize major points. In fact, once readers get into the book, they will discover that it reads more like a compelling spy novel than like a dry computer tome.
Author Ed Skoudis provides amazing insight into the types of tools attackers use to bring down computers and networks or to steal and manipulate information stored on those systems. As would be expected, worms and viruses receive considerable attention, but Skoudis also is adept at explaining backdoors, Trojan horses, malicious mobile code, rootkits, and numerous other tools and scenarios.
Humor is also used to make the technical content more palatable. When describing how dangerous a particular implementation could be, Skoudis likens it to “running backwards with scissors up and down stairs while blindfolded and chewing gum.” That makes the reading much more enjoyable.
But the hallmark of the book is that, for every tool and attack, Skoudis describes many defense mechanisms to thwart them. He has in effect created a “one-stop shop” for anyone interested in learning about malicious code and how to defend against it.
Although a level of technical knowledge is necessary for a complete understanding of the concepts, this book is suitable for anyone working in the security industry. In fact, with businesses becoming almost totally dependent on their computer systems to conduct and support business processes, this book should be required reading.
Reviewer: John Mallery is a managing consultant for the firm BKD, LLP, where he is responsible for managing the firm’s computer forensics services. He is also coauthor of Hardening Network Security, recently published by McGraw-Hill. He is a member of the ASIS Information Technology Security Council.