| Section | Page |
|---|---|
| Preface | 7 |
| Contents | 19 |
| Introduction | 22 |
| 1 Physical Security | 36 |
| 1.1 Side-Channel Attacks | 36 |
| 1.2 Physical Threats | 41 |
| 1.3 Laptop Security | 47 |
| 1.4 Disaster Recovery Planning | 49 |
| 1.5 Privacy Protection | 50 |
| 2 Viruses | 54 |
| 2.1 Operating Systems | 55 |
| 2.2 Computer Viruses | 57 |
| 2.3 Virus Writers | 61 |
| 2.4 Virus Propagation | 64 |
| 2.5 Virus Classification | 67 |
| 2.6 Boot Sector Viruses | 69 |
| 2.7 File Infector Viruses | 72 |
| 2.8 Companion Viruses | 76 |
| 2.9 Multipartite Viruses | 77 |
| 2.10 Macro and Script Viruses | 78 |
| 2.11 Infected Images | 80 |
| 2.12 Virus Life Cycle | 83 |
| 2.13 Viruses and UNIX | 86 |
| 2.14 Viruses and the Macintosh | 86 |
| 2.15 Viruses and the Amiga | 87 |
| 2.16 Virus Replication | 87 |
| 2.17 Virus Payload | 87 |
| 2.18 Virus Organization | 95 |
| 2.19 Virus Naming | 96 |
| 2.20 Virus Hiding Methods | 97 |
| 2.21 Polymorphism | 101 |
| 2.22 Virus Stealth Techniques | 104 |
| 2.23 Interrupts and Viruses | 105 |
| 2.24 Trapdoors | 109 |
| 3 Worms | 112 |
| 3.1 Code Red I | 114 |
| 3.2 Worming Techniques | 116 |
| 3.3 Proposing a CCDC | 126 |
| 3.4 The Internet Worm | 129 |
| 4 Trojan Horses | 134 |
| 4.1 Applications of Trojans | 135 |
| 4.2 Installing a Trojan | 137 |
| 4.3 Rigging a Compiler | 139 |
| 5 Examples of Malware | 146 |
| 5.1 The Lehigh Virus | 146 |
| 5.2 The Brain Virus | 147 |
| 5.3 The Michaelangelo Virus | 148 |
| 5.4 The SirCAM Virus | 149 |
| 5.5 The Melissa Virus | 150 |
| 5.6 Scores Virus | 151 |
| 5.7 Swiss Amiga Virus | 152 |
| 5.8 Christmas Card Virus | 152 |
| 5.9 VBS.KAK Worm | 153 |
| 5.10 The Cruncher Virus | 154 |
| 5.11 Opener Virus | 155 |
| 5.12 MTX Worm/Virus | 156 |
| 6 Prevention and Defenses | 160 |
| 6.1 Understanding Vulnerabilities | 160 |
| 6.2 Defenses Against Malware | 165 |
| 6.3 Anti-Virus Software | 166 |
| 6.4 Backups and Such | 176 |
| 6.5 Hoaxes | 181 |
| 7 Network Security | 184 |
| 7.1 Internet Vulnerabilities | 184 |
| 7.2 Port Scanning | 185 |
| 7.3 Spoofs | 186 |
| 7.4 Spam | 190 |
| 7.5 Denial of Service | 202 |
| 7.6 Firewall Basics | 205 |
| 8 Authentication | 210 |
| 8.1 Local Authentication | 211 |
| 8.2 Biometric Techniques | 211 |
| 8.3 Passwords | 217 |
| 9 Spyware | 232 |
| 9.1 Introduction and Definition | 233 |
| 9.2 RIAA and Spyware | 236 |
| 9.3 Terrorism and Spyware | 238 |
| 9.4 Political Contributions | 239 |
| 9.5 Distribution of Spyware | 240 |
| 9.6 Remote Reporting | 243 |
| 9.7 Adware | 246 |
| 9.8 Spyware? | 247 |
| 10 Identity Theft | 252 |
| 10.1 Introduction | 253 |
| 10.2 Shredding | 257 |
| 10.3 Internet Cookies | 259 |
| 10.4 Phishing | 260 |
| 10.5 The Homograph Threat | 266 |
| 11 Privacy and Trust | 268 |
| 11.1 Privacy Issues | 269 |
| 11.2 Online Privacy | 272 |
| 11.3 Children’s Privacy | 274 |
| 11.4 Trust | 279 |
| 12 Elements Of Cryptography | 284 |
| 12.1 Principles of Cryptography | 285 |
| 12.2 Kerckhoffs’s Principle | 286 |
| 12.3 Polybius’s Monoalphabetic Cipher | 287 |
| 12.4 Polybius’s Polyalphabetic Cipher | 289 |
| 12.5 The One-Time Pad | 290 |
| 12.6 The Key Distribution Problem | 292 |
| 12.7 Diffie-Hellman-Merkle Keys | 293 |
| 12.8 Public-Key Cryptography | 294 |
| 12.9 RSA Cryptography | 295 |
| 12.10 SSL: Secure Socket Layer | 299 |
| A l33t Speak | 306 |
| B Virus Timeline | 310 |
| Concluding Remarks | 326 |
| Malware: Summary | 328 |
| Final Conclusions | 329 |
| Answers to Exercises | 332 |
| Glossary | 348 |
| Bibliography | 364 |
| Index | 378 |
| Colophon | 390 |