Trojans, Worms, and Spyware —— A Computer Security Professional's Guide to Malicious Code

----- 特洛伊、蠕虫与间谍软件

ISBN: 9780750678483 出版年：2004 页码：233 Erbschloe, Michael Butterworth-Heinemann_RM

Preface Dedication Acknowledgements Introduction Chapter One: Malicious Code Overview Why Malicious Code Attacks are Dangerous The Impact of Malicious Code Attacks on Corporate Security Why Malicious Code Attacks Work Flaws in Software Weaknesses in System and Network Configurations Social Engineering Human Error and Foolishness Hackers, Thieves, and Spies Action Steps to Combat Malicious Code Attacks Chapter Two: Types of Malicious Code Email Viruses Trojans Back Doors Worms Blended Threats Time Bombs Spy Ware Ad Ware Steal Ware Action Steps to Combat Malicious Code Attacks Chapter Three: Review of Malicious Code Incidents Historic Tidbits The Morris Worm Melissa Love Bug Code Red(s) SirCam Nimda Slammer The Summer of 2003 Barrage of Blaster, Sobig and More Early 2004 with MyDoom, Netsky and More Action Steps to Combat Malicious Code Attacks Chapter Four: Basic Steps to Combat Malicious Code Understanding The Risks Using Security Policies to Set Standards System and Patch Updates Establishing a Computer Incident Response Team Training for IT Professionals Training End Users Applying Social Engineering Methods in an Organization Working with Law Enforcement Agencies Action Steps to Combat Malicious Code Attacks Chapter Five: Organizing for Security, Prevention, and Response Organization of the IT Security Function Where Malicious Code Prevention fits Into the IT Security Function Staffing for Malicious Code Prevention in IT Budgeting for Malicious Code Prevention Evaluating Products for Malicious Code Prevention Establishing and Utilizing an Alert Systems Establishing and Utilizing a Reporting System Corporate Security and Malicious Code Incident Investigations Action Steps to Combat Malicious Code Attacks Chapter Six: Controlling Computer Behavior of Employees Policies on Appropriate Use of Corporate Systems Monitoring Employee Behavior Site Blockers and Internet Filters Cookie and Spyware Blockers Pop Up Blockers Controlling Downloads SPAM Control Action Steps to Combat Malicious Code Attacks Chapter Seven: Responding to a Malicious Code Incident The First Report of a Malicious Code Attack The Confirmation Process Mobilizing the Response Team Notifying Management Using an Alert system and Informing End-Users Clean up and Restoration Controlling and Capturing Malicious Code Identifying the Source of Malicious Code The Preservation of Evidence When to Call Law Enforcement Enterprise Wide Eradication Returning to Normal Operations Analyzing Lessons Learned Action Steps to Combat Malicious Code Attacks Chapter Eight: Model Training Program for End-Users Explaining why The Training is Important Explaining The Appropriate Use Policy for Computers and Networks Explaining How the Help Desk and PC Support of the Organization Works Covering the Basic Dos and Donts of Computer Usage to Prevent Attacks Providing Basic Information about Malicious Code Explaining How it Identify Potentially Malicious Code Explaining What Employees Should to do if They Suspect Code is Malicious Explaining What Employees Should Expect From the IT Department During Incident Response. Performing the Administrative Aspects of a Training Program Action Steps to Combat Malicious Code Attacks Chapter Nine: The Future of Malicious Code Military Style Information Warfare Open Source Information Warfare Militancy and Social Action Homeland Security Efforts Action Steps to Combat Malicious Code Attacks Index Appendix A: Computer Security Resources