Rootkits: Subverting the Windows Kernel (Addison-Wesley Software Security Series) | 
 enlarge | Authors: Greg Hoglund, Jamie Butler
Publisher: Addison-Wesley Professional
Category: Book
List Price: $54.99
Buy New: $16.11
You Save: $38.88 (71%)
New (31) Used (14) from $16.10
Avg. Customer Rating:  21 reviews
Sales Rank: 56754
Media: Paperback
Number Of Items: 1
Pages: 352
Shipping Weight (lbs): 1.4
Dimensions (in): 9.1 x 7 x 0.9
ISBN: 0321294319
Dewey Decimal Number: 005.8
EAN: 9780321294319
ASIN: 0321294319
Publication Date: August 1, 2005
Availability: Usually ships in 1-2 business days
Shipping: Expedited shipping available
Condition: Brand new!
|
| Also Available In:
|
| Similar Items:
|
| Customer Reviews: Read 16 more reviews...
Excellent intermediate/advanced security book February 2, 2008
0 out of 1 found this review helpful
I finally picked up this book last year and throughoughly enjoyed it. I keep referring to it because the examples build up to the point of qualified proof of concept. The examples also are different enough from the other ones that are easy to find with Google, so between the two you get a complete view of the vulnerable issue.
The book's title should be obvious enough; this is NOT a book of defenses. However, if you understand these attacks you will be better equiped to deal with them when they happen. This book is no replacement for hands-on training in person with a qualified instructor such as at the SANS Institute, but it is an excellent supplement.
Great Book July 25, 2007
Its a great place to start...and works its way through some pretty indepth concepts. The great part is that for the beginner it is step by step....and they tell you were to download everything you will need. Anyways loved it, read it twice.
 The definitive text on Windows rootkits, applicable in 2005 or 2007 June 23, 2007
5 out of 5 found this review helpful
I read Rootkits: Subverting the Windows Kernel last year, but waited until I read Joseph Kong's Designing BSD Rootkits before reviewing both books. In a head-to-head comparison, I thought Kong's book was easier to comprehend and directly covered the key techniques I wanted to see. If I could give this book 4 1/2 stars I would, but Amazon doesn't allow that luxury.
Hoglund and Butler should be commended for writing this book. It really does assemble the parts (meaning techniques and code) necessary to implement a Windows rootkit, at least prior to Windows Vista. My only concern is that, at times, the authors are not as clear as I hoped they might be. This is probably due to the fact that they are two of the best rootkit writers on the planet, so they probably do not remember what it was like to not understand "hooking" and other techniques.
In some ways Rootkits is probably a book best suited for other experts (like many who wrote reviews here). That leaves beginners (like myself) wishing for a little more foundation or direct language prior to reading about implementation tricks.
One of the greatest strengths of this book, however, is the degree to which it exposes the internal workings of Windows. For greatest effect it's probably worth reading Microsoft Windows Internals, Fourth Edition by Russinovich and Solomon first.
Note that although I found the direct approach of the BSD rootkits book better for my learning style, this book by Hoglund and Butler is deeper in several areas. In fact, those who liked the BSD rootkits book would do well to read its Windows counterpart to learn tricks from Hoglund and Butler.
Belongs on all IT security professionals' bookshelves March 29, 2007
2 out of 2 found this review helpful
Not an easy read if you're not already familiar with programming and operating system concepts, but then if you are an IT security professional you'd better be, and the book explains why.
Excellent read January 17, 2007
1 out of 2 found this review helpful
I have been around the software industry now for almost 20 years and every now and then I find a book where I learn exciting things, this is one of those books. It reminds me of the early days of low level Windows programming but with very up to date information on the OS and how to apply it. The book is obviously designed to attract hackers - both black and white hats - however it does do a good job diving on the internals of the Posix and Windows subsystems. If you like low level stuff this book is for you.
|
|
|
