Network Security Focus-Virus

REVIEW: "Computer Viruses for Dummies", Peter Gregory

Subject: REVIEW: "Computer Viruses for Dummies", Peter Gregory
Date: Thu, 16 Dec 2004 08:30:13 -0800
BKCMVRDM.RVW   20041010

"Computer Viruses for Dummies", Peter Gregory, 2004, 0-7645-7418-3,
U$14.99/C$21.99/UK#9.99
%A   Peter Gregory peter.gregory@hartgregorygroup.com
%C   5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8
%D   2004
%G   0-7645-7418-3
%I   John Wiley & Sons, Inc.
%O   U$14.99/C$21.99/UK#9.99 416-236-4433 fax: 416-236-4448
%O  http://www.amazon.com/exec/obidos/ASIN/0764574183/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0764574183/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0764574183/robsladesin03-20
%P   274 p.
%T   "Computer Viruses for Dummies"

This book isn't really about computer viruses.  The introduction
contains an awkwardly worded paragraph in which Gregory refuses to define
computer viruses, but makes it clear that he intends, in common with
Humpty-Dumpty, to use the term "virus" in whichever way he chooses. 
Mostly he chooses to use it to mean "lots of things that can be
annoying to your computing, including malware, spam, and other
circumstances."  To the non-specialist this might seem to be an
advantage.  After all, who cares what you call the problem as long as
you're protected from it?  Unfortunately, the different types of Bad
Things out there work in different ways.  So why tell the reader to
use a firewall, and avoid getting their addresses on spam lists, when
neither technology has anything to do with protecting you against
viruses?

Part one is supposed to allow you to evaluate your virus situation. 
Chapter one, which purports to give you the information necessary to
understand virus risks, contains a lot of generally irrelevant
material, such as the various versions of Windows.  (It is ironic that
the most meager entry given is that for Windows XP, since XP was
actually an important increase in virus risk.  The internal structure
of the operating system makes it harder to clean and protect--DCOM is
more difficult to shut off, and System Restore makes it harder to get
rid of risky utilities--and the increased wealth of hiding places
makes disinfection much more problematic.)  The symptoms listed in
chapter two are not reliable indicators of the presence, or absence,
of a virus.  The section that repeats much of the content of chapter
one is peculiar.  The book is intended for, err ..., average to novice
computer users, so having a chapter telling you how to find out if
your computer actually has antiviral software already installed is
possibly a good thing.  But chapter three spends an awful lot of time
telling you things about icons, and not as much time on how you might
determine the version or signature update status.

Part two is concerned with actually protecting yourself.  Chapter four
suggests a reasonable process for installing new antiviral software
once you have it.  First, however, there is some questionable advice
in regard to choosing said software.  "Reputable" is not an easily
quantifiable term: the ordinary user is going to have a hard time
distinguishing between "is highly functional" and "costs a lot and has
the biggest, brightest boxes and ads."  In addition, Gregory strongly
promotes the idea of bundled packages, without noting that such
applications seldom have the "best of breed" in all categories, or
that a failure in one component can often turn off the whole suite. 
Again, since this book is aimed at the typical user, chapter five's
review of configuration options is not altogether useful: it does not
always point out the dangers of certain actions.  Chapter six, on
scanning your computer and email, has very little helpful material. 
Dealing with infections, in chapter seven, is somewhat better.  The
content regarding interpretation of warning messages is worthwhile. 
But the terse accounts of modifying the Registry and restoring or re-
installing files may lead readers into difficulty.

Part three deals with maintenance of protection.  Chapter eight,
regarding updating of signatures, does not seem to have much value,
and nine, on patching, really only has a couple of useful pages, and
those only for Windows and Office.  Firewalls and anti-spyware
programs are important, but chapter ten fails to note how much you
need to know about network traffic in order to effectively use a
firewall, and that anti-spyware scanners don't detect viruses and vice
versa.  Some reasonable guidance on protecting your PDA (Personal
Digital Assistant) is given in chapter eleven.  Chapter twelve
suggests making backups of your data, and has a few other points that
might make you a bit safer.  (I'd propose that telling people not to
open attachments and avoid P2P/file sharing systems would result in
better safety.)

Part four is supposed to tell us more about what viruses are.  Chapter
thirteen is a not-terribly-reliable history.  (BRAIN was not the
first, Concept was not a polymorph [and came later, anyway], and
during the heyday of BBSes the dominant viruses were boot sector
infectors--which couldn't be spread by BBSes.  Also, it is highly
ironic that Gregory seems to imply that the Norton product was the
first antivirus--since Peter Norton spent over a year telling people
that viruses were a myth and computer users should not foolishly give
their money to those antivirus-product-selling scammers.)  (I agree
with Gregory on the virus writers, though.)  Other types of malware
and scams are briefly discussed in chapter fourteen.  Chapter fifteen
has a little (and old) information on virus operations, and some other
miscellaneous stuff.

Part five is the usual "Part of Tens," this time giving us nine myths
and an actual situation (there are *way* more than ten myths), and
minimal information about ten antivirals.

This book is addressed to people who aren't interested in viruses, and
wouldn't want to read a book about viruses.  (Which makes for an
interesting marketing challenge.)  It is difficult to say that nobody
would ever benefit from reading this text.  But it is much harder to
envisage a situation in which this circumscribed data would save the
day, and really easy to imagine situations in which the little
information in this tome could be a very dangerous thing.

copyright Robert M. Slade, 2004   BKCMVRDM.RVW   20041010


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
Why is it that our memory is good enough to retain the least
triviality that happens to us, and yet not good enough to
recollect how often we have told it to the same person?
                                      - Francois de La Rochefoucauld
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade
