Managed Code Rootkits: Hooking into Runtime Environments

Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack: the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be Java, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one-stop shop for this new attack vector.

  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scenarios

Price: $49.95


Unmasked

Anonymous got lucky. When five of its hackers attacked security company HBGary Federal on February 6, 2011, they were doing so in order to defend the group’s privacy. It wasn’t because they hoped to reveal plans to attack WikiLeaks, create surveillance cells targeting pro-union organizations, and sell sophisticated rootkits to the US government for use as offensive cyber weapons—but that’s what they found.

In the weeks after the attack, the hackers released tens of thousands of e-mail messages and made headlines around the world. Aaron Barr, the CEO of HBGary Federal, eventually resigned; 12 Congressmen called for an investigation; an ethics complaint was lodged against a major DC law firm involved with some of the more dubious plans.

Join Ars' editors as they dig into the secret world of Anonymous and hackers for hire in Unmasked.

Price: $1.99


Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)

“I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn’t make any sense. I asked other people and they didn’t seem to know how these things work, or at least they couldn’t explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!”

—Stephen Northcutt, CEO, SANS Institute

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It’s technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field.”
—From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World

“What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks.”
—Lenny Zeltser, coauthor of Malware: Fighting Malicious Code

“In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis’s real strength is in his ability to show complex topics in an understandable form. By the time he’s done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both.”
—William Stearns, network security expert, www.stearns.org

“This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written.”
—Warwick Ford, coauthor of Secure Electronic Commerce

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits

Price: $69.99
