The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System
معرفی کتاب «The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System» نوشتهٔ Blunden, Reverend Bill، منتشرشده توسط نشر Jones & Bartlett Learning در سال 2012. این کتاب در فرمت epub، زبان انگلیسی ارائه شده است.
While forensic analysis has proven to be a valuable investigative tool in the field of computer security, utilizing anti-forensic technology makes it possible to maintain a covert operational foothold for extended periods, even in a high-security environment. Adopting an approach that favors full disclosure, the updated Second Edition of The Rootkit Arsenal presents the most accessible, timely, and complete coverage of forensic countermeasures. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented. The range of topics presented includes how to: ⢠Evade post-mortem analysis ⢠Frustrate attempts to reverse engineer your command & control modules ⢠Defeat live incident response ⢠Undermine the process of memory analysis ⢠Modify subsystem internals to feed misinformation to the outside ⢠Entrench your code in fortified regions of execution ⢠Design and implement covert channels ⢠Unearth new avenues of attack While forensic analysis has proven to be a valuable investigative tool in the field of computer security, utilizing anti-forensic technology makes it possible to maintain a covert operational foothold for extended periods, even in a high-security environment. Adopting an approach that favors full disclosure, the updated Second Edition of The Rootkit Arsenal presents the most accessible, timely, and complete coverage of forensic countermeasures. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented. The range of topics presented includes how to: Evade post-mortem analysis; Frustrate attempts to reverse engineer your command & control modules; Defeat live incident response; Undermine the process of memory analysis; Modify subsystem internals to feed misinformation to the outside; Entrench your code in fortified regions of execution; Design and implement covert channels; Unearth new avenues of attack. - Publisher. Foundation Empty cup mind Anti-forensics overview Hardware briefing System software briefing Tools of the trade Life in kernel space Post-mortem Defeating disk analysis Foiling executable analysis Live response Defeating live response Shellcode Modifying call tables Modifying code Modifying objects kernel Covert channels Going out-of-band Summation The tao of rootkits Epilogue.
دانلود کتاب The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Escape and Evasion in the Dark Corners of the System