Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy. The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out in Malicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book? Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers:

• The current state of the malicious code writing and cracker community

• How malicious code works, what types there are, and what it can and cannot do

• Common anti-virus defenses, including anti-virus software

• How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it

• Macro viruses affecting MS Word, MS Excel, and VBScript

• Java applets and ActiveX controls

• Enterprise-wide malicious code protection

• Hoaxes

• The future of malicious mobile code and how to combat such code

These days, when it comes to protecting both home computers and company networks against malicious code, the stakes are higher than ever. Malicious Mobile Code is the essential guide for securing a system from catastrophic loss.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 6 Ratings

A great security overview - 2002-03-17
Reviewer Rating:
Keeping up with computer security is a full time job. Grimes has given a clear, precise primer of one aspect of computer security - viruses, trojans, worms - collectively known as malicious mobile code. The book is DOS/Windows centric, but this focus helps you see a) where the threats for the most part, and b) allows you to extend the types of threats into other operating systems. You are taken step by step through the development of malicious code and how and why they can work on some systems, but less effectively on others. The constant refrain of the book shows the author's philosophy: Use an up to date anti-virus product. But if somethign slips by, Grimes shows you ways to react, and lessen the impact if not to this once computer, but to the rest on the network. It is easily one of the most readable books I have encountered on the subject.

This book is an essential reference for any computer manager's toolkit. We can't stop the code writers from producing thier output, but we can work to lessen the impact they can have on us.

A student's perspective - 2004-02-14
Reviewer Rating:
More important than anything else I can say about this book is that it was a good read! Being subject to often boring books on algorithms, and operating systems, this book kept me captivated with its straight forward presentation, and even more remarkable stories. Even if you never plan to start editting a registry, this book is worth reading.

What I got most from this book though was a perpective on dealing with virus (etc) problems overall. Identifying what area of a system needs examining, what precautions should be taken, and even classifying symptoms, was very enlightning. That it was also a major source in a paper I received an A on, doesn't hurt either. I am sure it will come in as a handy reference for some time yet.

Highly Informative Look at Viruses, Worms, etc - 2001-11-06
Reviewer Rating:
This book offers one of the best and most complete look at viruses, worms, Trojans, and any other type of program designed to "infect" a computer. It describes not only the various types of "malicious programs" out there, but also the environments in which they run. The book's second chapter discusses DOS based viruses, and even if DOS is not that popular anymore, it is good for a historical reference.

The book goes on to discuss Windows-related viruses, macro viruses, as well as Trojans and worms. Each chapter gives examples of what to look for if you suspect you have been infected, and the early chapters give summaries of "famous viruses of the past." Also discussed are attacks involving IRC and other instant messaging programs, browser technologies, malicious Java applets, and what types of attacks can occur with Active X. There's also a chapter devoted to email attacks.

The book finishes off with chapters on hoax viruses, which can be just as dangerous sometimes as real viruses, when people assume the hoaxes are true, how to defend against malicious code, and finally what the future entails.

Malicious code unfortunately is a way of life and this book offers lots of information on how to avoid them and also what to do if your computer does get infected.

Well written book! - 2002-02-20
Reviewer Rating:
I confess to some bias - I was one of the tech reviewers on this book. I work with network security all of the time, but one area I'm not an expert on is viruses. Reviewing Roger's book was a real education - I learned quite a bit. I also known from experience that writing about technical subjects can be difficult and dry - this book was an easy read all the way through. If you're interested in learning more about viruses, this is a must-have.

SANS 504 GCIH - 2008-02-06
Reviewer Rating:
If you are interested in the SANS 504 GCIH certification, this is a great primer text if not better than their class. At the very least this will prepare you for the hands on aspect of that environment. This is pure network based hacking from my point of view and although these exploits can be used via the web, they deal mainly with vulnerabilities not of the web application layer. Something that I would really like to see in a text such as this is a complete exploit, which is known and patched, exploited step by step. Even in the SANS world this was not facilitated and if we are to ever truly educate security professionals on the "black arts" of hacking, then we must teach them by example. People don't learn calculus without a step by step explanation on how to arrive at the solution, so why would we expect security professionals to learn an exploit method using partial code snippets or theories? Get with the program and use disclosure as the powerful tool it represents.

Browse Similar Topics

Top Level Categories:
Internet/Online
Networking
Security

Sub-Categories:
Internet/Online > Security
Networking > Security
Security > Internet/Online
Security > Networking