Skip to Content
Malware: Fighting Malicious Code
book

Malware: Fighting Malicious Code

by Ed Skoudis, Lenny Zeltser
November 2003
Beginner to intermediate content levelBeginner to intermediate
672 pages
18h 40m
English
Pearson
Content preview from Malware: Fighting Malicious Code

Summary

By manipulating the underlying kernel of an operating system, an attacker can exercise fundamentally deeper control of a victim machine than with user-mode RootKits. Burrowing into the kernel with a kernel-mode RootKit is a remarkably effective technique for masking the attacker's presence on a system. The kernel is the heart of the operating system, controlling processes, memory, the file system, other hardware elements, and interrupts. The kernel relies on protections built into the CPU hardware, such as the various rings on an x86-compatible CPU. Both Linux and Windows use Ring 0 for kernel mode operations and Ring 3 for user mode. Running in kernel mode (i.e., Ring 0) is different from running with root or administrator privileges. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Real 802.11 Security: Wi-Fi Protected Access and 802.11i

Real 802.11 Security: Wi-Fi Protected Access and 802.11i

Jon Edney, William A. Arbaugh
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

Michael Hale Ligh, Steven Adair, Blake Hartstein, Matthew Richard
Enterprise Java™ Security: Building Secure J2EE™ Applications

Enterprise Java™ Security: Building Secure J2EE™ Applications

Marco Pistoia, Nataraj Nagaratnam, Larry Koved, Anthony Nadalin
Malicious Cryptography: Exposing Cryptovirology

Publisher Resources

ISBN: 0131014056Purchase book