Subject: [CISSP-D] REVIEW: "AVIEN Malware Defense Guide for the Enterprise", David Harley et al
Date: Thu, 24 Jul 2008 11:10:25 -0800
BKAVNMDG.RVW   20080420

"AVIEN Malware Defense Guide for the Enterprise", David Harley et al,
2007, 978-1-59749-164-8, U$59.95
%A   David Harley David.A.Harley@gmail.com
%A   Ken Bechtel
%A   Michael Blanchard
%A   Henk K. Diemer
%A   Andrew Lee
%A   Igor Muttik
%A   Bojan Zdrnja
%C   800 Hingham Street, Rockland, MA   02370
%D   2007
%G   1-59749-164-0 978-1-59749-164-8
%I   Syngress Media, Inc.
%O   U$59.95 781-681-5151 fax: 781-681-3585 www.syngress.com
%O  http://www.amazon.com/exec/obidos/ASIN/1597491640/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1597491640/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1597491640/robsladesin03-20
%O   Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   540 p.
%T   "AVIEN Malware Defense Guide for the Enterprise"

The preface and introduction stress that this work is a collaborative
effort, combining the views of a number of AVIEN (Anti-Virus
Information Exchange Network) and AVIEWS (Anti-Virus Information and
Early Warning System) members, trying to avoid the blind spots that
result from perspectives limited to one individual or company.

Chapter one outlines the history of AVIEN, noting the tensions between
the (rather small) community that has concentrated on research about
malware and protection against the various threats and the general
user population.  (The general user population includes, for various
reasons, many of the producers and vendors of antivirus products.)  It
is noted (although not stressed) that AVIEN concentrates on protection
of medium to large companies, and this point is important in regard to
protective approaches.  A brief, historically-oriented, look at
malware and related issues, in chapter two, tries to eliminate common
confusion and sets a groundwork for further discussion.  The Web is
now a major source of security vulnerabilities, but the malware
literature has seldom considered the problem as a specific category,
so chapter three's excellent overview of the related technologies and
exploits is particularly welcome.  Botnets are a major threat (or
threats: they are used in a variety of ways), and there is a good
examination of the major associated concepts in chapter four. 
Unfortunately, the material is somewhat loosely structured and may be
confusing to some readers, and occasionally emphasizes specific (and
sometimes dated) technologies rather than the basic ideas.  Chapter
five examines the often-asked question of who writes malware, bringing
up a good deal of interesting material.  The text itself may be of
scant use to system administrators, although the points made in the
summary do indicate trends of concern.

Chapter six turns to protective measures, covering not just the usual
antiviral technologies, but advising on layered defence, with the
attendant required planning and management.  Outsourcing, of security
functions in general, and antiviral protection in particular, is
reviewed in chapter seven, with attention paid to both the dangers and
the conditions, agreements, and other factors that might provide
success.  Chapter eight's look at security awareness training and user
education seems to be intended to promote the idea, but is weaker in
providing solutions than other areas of the book, concentrating
primarily on the difficulties and failures.

A variety of tools that might be used in malware analysis, ranging
from system information utilities through debuggers to online virus
detectors, are listed in chapter nine.  Chapter ten considers aspects
of evaluating antiviral products, and makes a good, general guide.

Chapter eleven notes that the AVIEN organization is changing, and
feels like a promotional item to get the reader to become involved,
but the lack of detail of what the institution might become does not
seem calculated to appeal to busy administrators.

The book contains a tremendous wealth of information and references to
specific resources and studies.  This is not surprising, given the
background of the authors, and would, alone, make the text worthwhile. 
Overall this work provides a solid overview and compendium of advice
on the current malware situation, and should be a required starting
point for anyone protecting corporate assets in the current, highly
threatening, environment.

copyright Robert M. Slade, 2008   BKAVNMDG.RVW   20080420


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
Let others complain that the times are wicked. I complain that
they are paltry; for they are without passion. The thoughts of
men are thin and frail like lace, and they themselves are feeble
like girl lace-makers. The thoughts of their hearts are too puny
to be sinful.      - Soren Kierkegaard (1813-1855), Either/or (1843)
http://victoria.tc.ca/techrev/rms.htm
