By Greg Hoglund
"It's vital that everyone operating within the box of cyber-security learn this publication to appreciate the growing to be danger of rootkits."
--Mark Russinovich, editor, home windows IT professional / home windows & .NET Magazine
"This fabric isn't just up to date, it defines updated. it's really state of the art. because the merely ebook at the topic, Rootkits might be of curiosity to any home windows protection researcher or protection programmer. it truly is targeted, good researched and the technical details is great. the extent of technical element, study, and time invested in constructing suitable examples is amazing. in a single notice: Outstanding."
--Tony Bautts, safeguard advisor; CEO, Xtivix, Inc.
"This e-book is a vital learn for an individual liable for home windows safeguard. safety execs, home windows procedure directors, and programmers regularly should want to comprehend the recommendations utilized by rootkit authors. At a time whilst many IT and protection execs are nonetheless caring concerning the newest e mail virus or how one can get all of this month's defense patches put in, Mr. Hoglund and Mr. Butler open your eyes to a few of the main stealthy and demanding threats to the home windows working method. simply through knowing those offensive thoughts are you able to accurately guard the networks and platforms for that you are responsible."
--Jennifer Kolde, safeguard advisor, writer, and Instructor
"What's worse than being owned? now not understanding it. discover what it ability to be owned via studying Hoglund and Butler's first-of-a-kind ebook on rootkits. on the apex the malicious hacker toolset--which contains decompilers, disassemblers, fault-injection engines, kernel debuggers, payload collections, insurance instruments, and circulate research tools--is the rootkit. starting the place Exploiting software program left off, this booklet exhibits how attackers disguise in simple sight.
"Rootkits are tremendous robust and are the following wave of assault expertise. Like different sorts of malicious code, rootkits thrive on stealthiness. They disguise clear of typical process observers, applying hooks, trampolines, and patches to get their paintings performed. refined rootkits run in any such means that different courses that sometimes video display computer habit cannot simply observe them. A rootkit hence presents insider entry basically to those that be aware of that it really is working and on hand to just accept instructions. Kernel rootkits can cover records and working tactics to supply a backdoor into the objective machine.
"Understanding the final word attacker's software offers a massive motivator for these folks attempting to protect platforms. No authors are higher fitted to provide you with an in depth hands-on figuring out of rootkits than Hoglund and Butler. larger to possess this ebook than to be owned."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting software program (2004) and construction safe software program (2002), either from Addison-Wesley
"Greg and Jamie are undoubtedly the go-to specialists in terms of subverting the home windows API and developing rootkits. those masters come jointly to pierce the veil of poser surrounding rootkits, bringing this data out of the shadows. someone even remotely drawn to defense for home windows structures, together with forensic research, should still comprise this publication very excessive on their must-read list."
--Harlan Carvey, writer of home windows Forensics and Incident restoration (Addison-Wesley, 2005)
Rootkits are the final word backdoor, giving hackers ongoing and almost undetectable entry to the structures they make the most. Now, of the world's top specialists have written the 1st complete advisor to rootkits: what they're, how they paintings, how you can construct them, and the way to notice them. Rootkit.com's Greg Hoglund and James Butler created and educate Black Hat's mythical direction in rootkits. during this e-book, they show never-before-told offensive points of rootkit technology--learn how attackers can get in and remain in for years, with no detection.
Hoglund and Butler express precisely how you can subvert the home windows XP and home windows 2000 kernels, educating suggestions which are simply utilized to almost any smooth working process, from home windows Server 2003 to Linux and UNIX. They train rootkit programming options that may be used for a variety of software program, from white hat defense instruments to working approach drivers and debuggers.
After examining this ebook, readers might be capable to
- Understand the position of rootkits in distant command/control and software program eavesdropping
- Build kernel rootkits which can make approaches, documents, and directories invisible
- Master key rootkit programming suggestions, together with hooking, runtime patching, and at once manipulating kernel items
- Work with layered drivers to enforce keyboard sniffers and dossier filters
- Detect rootkits and construct host-based intrusion prevention software program that resists rootkit attacks