
TEAM LinG - Live, Informative, Non-cost and Genuine! PDF

232 Pages·2005·1.45 MB·English


TROJANS, WORMS, AND SPYWARE
A Computer Security Professional’s Guide to Malicious Code

Michael Erbschloe

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO

Elsevier Butterworth–Heinemann
200 Wheeler Road, Burlington, MA 01803, USA
Linacre House, Jordan Hill, Oxford OX2 8DP, UK

Copyright © 2005, Elsevier Inc. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.

Permissions may be sought directly from Elsevier’s Science & Technology Rights Department in Oxford, UK: phone: (+44) 1865 843830, fax: (+44) 1865 853333, e-mail:

To my mother
To my friends Blaster and Razer

Table of Contents

Preface
Introduction
Inside This Book
Acknowledgements

1 Malicious Code Overview
    Why Malicious Code Attacks Are Dangerous
    Impact of Malicious Code Attacks on Corporate Security
    Why Malicious Code Attacks Work
    Action Steps to Combat Malicious Code Attacks

2 Types of Malicious Code
    E-mail Viruses and Miscellaneous Viruses
    Trojans and Other Backdoors
    Worms
    Blended Threats
    Time Bombs
    Spyware
    Adware
    Stealware
    Action Steps to Combat Malicious Code Attacks

3 Review of Malicious Code Incidents
    Historic Tidbits
    The Morris Worm
    Melissa
    Love Bug
    Code Red(s)
    SirCam
    Nimda
    Slammer
    The Summer of 2003 Barrage of Blaster, Sobig, and More
    Early 2004 with MyDoom, Netsky, and More
    Action Steps to Combat Malicious Code Attacks

4 Basic Steps to Combat Malicious Code Attacks
    Understanding the Risks
    Using Security Policies to Set Standards
    System and Patch Updates
    Establishing a Computer Incident Response Team
    Training for IT Professionals
    Training End Users
    Applying Social Engineering Methods in an Organization
    Working with Law Enforcement Agencies
    Action Steps to Combat Malicious Code Attacks

5 Organizing for Security, Prevention, and Response
    Organization of the IT Security Function
    Where Malicious Code Attack Prevention Fits into the IT Security Function
    Staffing for Malicious Code Prevention in IT
    Budgeting for Malicious Code Prevention
    Evaluating Products for Malicious Code Prevention
    Establishing and Utilizing an Alert System
    Establishing and Utilizing a Reporting System
    Corporate Security and Malicious Code Incident Investigations
    Action Steps to Combat Malicious Code Attacks

6 Controlling Computer Behavior of Employees
    Policies on Appropriate Use of Corporate Systems
    Monitoring Employee Behavior
    Web Site Blockers and Internet Filters
    Cookie and Spyware Blockers
    Pop-up Blockers
    Controlling Downloads
    SPAM Control
    Action Steps to Combat Malicious Code Attacks

7 Responding to a Malicious Code Incident
    About the Case Study
    The First Report of a Malicious Code Attack
    The Confirmation Process
    Mobilizing the Response Team
    Notifying Management
    Using an Alert System and Informing End Users
    Cleanup and Restoration
    Controlling and Capturing Malicious Code
    Identifying the Source of Malicious Code
    Preserving Evidence
    When to Call Law Enforcement and What to Expect
    Enterprise-wide Eradication
    Returning to Normal Operations
    Analyzing Lessons Learned
    Action Steps to Combat Malicious Code Attacks

8 Model Training Program for End Users
    Explaining Why the Training Is Important
    Explaining the Appropriate-Use Policy for Computers and Networks
