Malicious Mobile Code. Virus Protection for Windows - Helion

ebook

Autor: Roger A. Grimes
ISBN: 978-14-919-9470-2
stron: 542, Format: ebook
Data wydania: 2001-08-14
Księgarnia: Helion

Cena książki: 143,65 zł (poprzednio: 167,03 zł)
Oszczędzasz: 14% (-23,38 zł)

Osoby, które kupiły tę książkę, wybierały także »

Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy.

The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out inMalicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book?

Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers:

The current state of the malicious code writing and cracker community
How malicious code works, what types there are, and what it can and cannot do
Common anti-virus defenses, including anti-virus software
How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it
Macro viruses affecting MS Word, MS Excel, and VBScript
Java applets and ActiveX controls
Enterprise-wide malicious code protection
Hoaxes
The future of malicious mobile code and how to combat such code

These days, when it comes to protecting both home computers and company networks against malicious code, the stakes are higher than ever.Malicious Mobile Code is the essential guide for securing a system from catastrophic loss.

Osoby które kupowały "Malicious Mobile Code. Virus Protection for Windows", wybierały także:

Windows Media Center. Domowe centrum rozrywki 66,67 zł, (8,00 zł -88%)
Ruby on Rails. Ćwiczenia 18,75 zł, (3,00 zł -84%)
DevOps w praktyce. Kurs video. Jenkins, Ansible, Terraform i Docker 190,00 zł, (39,90 zł -79%)
Przywództwo w świecie VUCA. Jak być skutecznym liderem w niepewnym środowisku 58,64 zł, (12,90 zł -78%)
Scrum. O zwinnym zarządzaniu projektami. Wydanie II rozszerzone 58,64 zł, (12,90 zł -78%)

Spis treści

Malicious Mobile Code. Virus Protection for Windows eBook -- spis treści

Malicious Mobile Code
- Preface
  - About This Book
  - Why Another Book on Viruses?
  - What This Book Doesnt Cover
  - Organization of the Book
    - Chapter Summary
  - Conventions Used in This Book
  - Software Covered in This Book
  - Comments and Questions
  - Acknowledgments
- 1. Introduction
  - The Hunt
  - What Is Malicious Mobile Code?
    - Major Types of Malicious Mobile Code
    - In the Wild
    - Malicious Mobile Code Naming
      - VGrep
    - How Bad Is the Problem of Malicious Code?
    - Home Statistics
    - The Growing Problem
    - Anti-malicious Mobile Code Organizations
  - Malicious Code and the Law
  - Malicious Code-Writing Subculture
    - Inside the Malicious Hackers Mind
    - Typical Virus Writer
    - Protesting with Malicious Code
    - Malicious Mobile Code for the Social Good?
    - Hacker Clubs, Newsletters, and Contests
    - Malicious Code Tutorial Books
    - How Does Malicious Code Spread?
  - MMC Terminology
  - Summary
- 2. DOS Computer Viruses
  - Introduction
  - DOS Technologies
    - PC Boot Sequence
    - .EXE and .COM Files
      - .COM files
      - .EXE files
    - Software to Hardware
    - Interrupts
  - DOS Virus Technologies
    - Writing a Virus
  - Types of DOS Viruses
    - Boot Viruses
      - How boot viruses infect hard disks
      - Special boot virus delivery methods
    - Memory Residency
    - File-Infecting Viruses
      - Overwriting viruses
      - Cavity viruses
      - Appending viruses
      - Other executable types
      - Companion viruses
      - Cluster viruses
  - Virus Defense Mechanisms
    - Encryption
    - Polymorphism
    - Entry Point Changers
    - Random Execution
    - Stealth
    - Armor
    - A Good Defense Is a Bad Offense
    - Trouble on the Horizon
  - Examples of DOS Viruses
  - Detecting a DOS-Based Computer Virus
  - Removing a DOS Virus
  - Protecting Yourself from Viruses
  - Risk Assessment -- Low
  - Summary
- 3. Windows Technologies
  - Windows Technologies
    - Windows APIs
      - Win32 API
      - 32-bit access
    - Windows Booting
    - Windows Technologies Introduced with Windows 3.x
      - Text mode to GUI mode booting
      - Virtual machines
      - Program information files
      - Virtual memory and swap files
      - NE executable
      - Core Windows files
      - Dynamic linking libraries
      - Processes and services
      - Initialization files
      - SYSTEM.INI
      - WIN.INI
      - WININIT.INI
      - Startup folder
      - Registration database
      - File type associations
      - Hidden file extensions
      - File types that can hurt
      - Resource sharing
    - Windows 3.x Startup Sequence
    - New Technologies in Windows 9x
      - Old carryovers
      - Dynamic VxDs
      - WINSTART.BAT and DOSSTART.BAT
      - Portable executables
      - Password files
      - Integration of browser and web-based content
      - Safe mode
      - Hard drive file storage schemes
      - Memory rings
    - Windows 9x Startup Sequence
    - Windows NT
      - SAM and NT security
      - Administrators and domains
      - System accounts
      - NTFS
      - NT file streams
      - Multiboot
      - Logging and auditing
    - NT 4.0 Boot Process
  - New Windows Versions
    - Windows ME
      - System restore
      - System file protection
    - Windows 2000
      - Potentially abused components
    - Future Windows Versions
  - Summary
- 4. Viruses in a Windows World
  - DOS Viruses on Windows Platforms
    - Overall Effects on All Windows Platforms
      - Boot virus infections
      - File infections
    - Windows 3.x/DOS Virus Interaction
      - DOS boot viruses and Windows 3.x
      - DOS file infectors under Windows 3.x
    - Windows 9x/DOS Virus Interactions
      - Windows 9x antivirus features
      - Boot viruses and Windows 9x
      - DOS file infectors under Windows 9x
    - Windows NT/DOS Virus Interaction
      - Boot viruses under NT
      - DOS file infectors under NT
    - DOS Virus in Windows Summary
  - Windows Viruses on Windows Platforms
    - First Windows Viruses
    - Effects of Windows Viruses
      - Windows virus implications
  - Signs and Symptoms of Windows NT Virus Infections
    - Common Signs and Symptoms
    - Programs Wont Start
    - Windows Cannot Use 32-bit Disk Support
    - NT STOP Errors
    - Installation Errors
    - Swap File Problems
  - Windows Virus Examples
    - WinNT.Remote Explorer
    - WinNT.Infis
    - Win95.CIH
    - Win32.Kriz
    - Win95.Babylonia
    - Win95.Fono
    - Win95.Prizzy
    - Win32.Crypto
    - Win32.Bolzano
    - Win2K.Stream
  - Detecting a Windows Virus
    - Unplug the PC from the Network
    - Use an Antivirus Scanner
    - Use AV Boot in Windows 2000
    - Troubleshoot Any Boot Problems
    - Run Scandisk
    - Boot to Safe Mode
    - Look for Newly Modified Executables
    - Look for Strange Programs That Automatically Start
    - Look for Strange Device Drivers
    - Look for 32-bit Performance to be Disabled
    - Unexpected System File Protection Messages
  - Removing Viruses
    - Use an Antivirus Scanner
    - Removing Boot Viruses
      - Boot with a clean disk
    - Removing the Boot Virus Manually
  - Removing Infected Files
    - Research the Virus
    - Stop Any Virus Services
    - Boot to the Command-line Mode
    - Delete and Replace Infected Files
    - Clean Up Startup Areas
    - Replace Registry to Remove Malicious Startup Programs
    - Using System Recovery Tools
    - Restore from a Tape Backup
  - Preventing Viruses in Windows
    - Install Antivirus Software
    - Disable Booting from Drive A
    - Dont Run Untrusted Code
    - Install Service Packs and Updates
    - Reveal File Extensions
    - Limit Administrative Logons
    - Tighten Security
  - Future
  - Risk Assessment -- Medium
  - Summary
- 5. Macro Viruses
  - Microsoft Office Version Numbers
  - What Is a Macro Virus?
    - Why Virus Writers Like Macro Viruses
    - How Macro Viruses Spread
    - What a Macro Virus Can Do
  - Microsoft Word and Excel Macros
    - Word Macros
    - Automacros
    - Visual Basic for Applications
    - Excel Macros
  - Working with Macros
    - Macro Editor
    - Organizer
    - Visual Basic Editor
  - Office 2000 Security
    - Security Levels
    - Signed Macros
    - Trusting Add-ins and Templates
    - Office 2000 Security Peculiarities
  - Macro Virus Technologies
    - Word Infections
    - Excel Infections
    - General Macro Virus Techniques
      - Class module viruses
      - Office disables macro copying commands
      - MRU exploits
      - Email viruses
      - Add-in viruses
      - Stealth macro viruses
      - Encrypted and polymorphic macro viruses
      - Dropping off a friend
      - More external manipulation with VBA
      - Startup directory files
      - Random evolution
      - Construction kits
      - Cross-platform infectors
      - Shiver cross-platform virus
      - Language problems
  - Macro Virus Examples
    - W97M.Melissa.ac
    - W97M.Marker
    - Caligula Word Virus
    - Triplicate Virus
    - GaLaDRieL
    - W2KM_PSD
  - Detecting Macro Viruses
    - Macro Warnings
      - Ways viruses can get around macro warnings
    - False-positives
    - Your Word Document Will Only Save as a Template
    - Unexpected Document Modifications,Words, Messages, Graphics
    - New Macros Appear
    - ToolsMacro Is Disabled
    - Global Template File Date Is Current
    - Startup Directory Contains New Files
    - View the Document with a Text Editor
  - Removing Macro Viruses and Repairing the Damage
    - Try a Virus Scanner
    - Get a Clean Application
    - Bypass Automacros
    - Inspect Data and Delete Malicious Macros
    - Repairing Word Documents
    - Manually Repairing Other Damage
    - Restore from a Backup
  - Preventing Macro Viruses
    - Disable Macros in Documents
    - Upgrade All Versions of Office to the Latest Version
    - Automate Document Scanning
    - Set Office Security to High
    - Locking the VBA Normal Project
    - Save Normal Template Prompt
    - Confirming Downloads for Office Documents
    - Rename DEBUG.EXE
    - Word Startup Switches
    - Network Security
  - Risk Assessment -- High
    - The Future of Macro Viruses
      - Getting rid of Microsoft Office isnt the answer
  - Summary
- 6. Trojans and Worms
  - The Threat
  - What Are Trojan Horses and Worms?
  - Signs and Symptoms
  - Types of Trojans
    - Remote Administration Trojans
    - Backdoor Programs
    - Network Redirect
    - Distributed Attacks
    - Denial of Service
    - Direct Action
    - Audio and Video Capturing
    - Phone Dialing Trojans
    - Password Stealers
    - Keyloggers
    - Parasites
  - Trojan Technology
    - Stealth
    - Hiding as Source Code
    - Compressors
    - Binders
    - Sweep Lists
    - Script Trojans
  - Becoming Familiar with Your PC
    - Startup Programs
    - IP Ports
    - TCP and UDP
    - NetStat Command
  - Trojan and Worm Examples
    - Back Orifice
    - PICTURE.EXE Trojan
    - Win32.Ska-Happy99
    - Win32.ExplorerZip
    - Win32.PrettyPark
    - JS.KAK.Worm
    - Bat.Chode.Worm
    - Win32.Qaz
    - Life Stages Worm
  - Detecting and Removing Trojansand Worms
    - Cut Off Internet Access
    - Use Scanners and Detectors
    - Check Your Startup Files
    - Check Memory
    - Look for Trojan Ports
    - Delete Trojan Files
    - Extra Steps for Email Worms
  - Preventing Trojans and Worms
    - Dont Run Unknown Executable Content
    - Scanners and Detector Programs
    - Disable NetBIOS over TCP/IP
    - Download the Latest IE and OS Patches
    - Password-Protect Drive Shares
    - Consider Limiting Email Attachments
    - Rename or Remove Key Executables
    - Change File Associations of Potentially Harmful Programs
    - Use Firewalls
    - Run Programs as a Nonadmin
  - Risk Assessment -- High
  - Summary
- 7. Instant Messaging Attacks
  - Introduction to Instant Messaging
    - Types of Instant Messaging Networks
    - Mobile Messaging
  - Types of Instant Messaging
    - ICQ
    - Internet Relay Chat
    - Web Chats
    - Proprietary IM Standards
  - Introduction to Internet Relay Chat
    - IRC Networks
    - IRC Clients
    - IRC Commands
    - Other IRC Features
      - DCC
      - CTCP
  - Hacking Instant Messaging
    - Hacking AIM and ICQ
      - Punters and busters
      - Malicious file transfers
      - Name hijacking
      - IP address stealing
      - Web buffer overflow
    - Hacking IRC
      - Script files
      - Bots
      - Lag
      - Flooding
      - NetSplit
      - Nick collision kill
      - Channel desyncs
      - Channel wars
      - Network redirection
  - Examples of IRC Attacks
    - Example Malicious Scripts
      - CTCP flood
      - Mass deop attack
    - IRC Worms and Trojans
      - Simpsalapim
      - Mr. Wormy
    - Using IRC to Send Viruses
      - Septic
      - Script worms less of a threat now
  - Detecting Malicious IM
  - Removing Malicious IM
  - Protecting Yourself from IM Attacks
  - Risk Assessment -- Medium
  - Summary
- 8. Internet Browser Technologies
  - Introduction
  - Browser Technologies
    - What Is a Browser?
      - Browser versions
    - URLs
      - Hiding malicious URLs
  - Web Languages
    - HTML
      - Viewing HTML source code
      - HTML versions
    - XML
    - DHTML
    - Scripting Languages
      - JavaScript
      - VBScript
      - JScript
      - Remote scripting calls
      - Hypertext preprocessor script
    - HTML Applications
  - Other Browser Technologies
    - Cascading Style Sheets
    - Privacy Issues
    - Cookies
    - History
    - Frames
    - File and Password Caching
    - AutoComplete
    - Microsoft Wallet and Passport
    - HTTPS and SSL
    - Active Desktop
    - Skins
  - When to Worry About Browser Content
  - Summary
- 9. Internet Browser Attacks
  - Browser-Based Exploits
  - Examples of Attacks and Exploits
    - Viruses and Trojans
      - HTML.Internal
      - PHP viruses and Trojans
      - eBayla
      - Hotmail password exploit
      - Embedded malicious code in shared postings
      - HTML applications
    - Browser Component Exploits
      - Browser print templates
      - File upload forms
    - Redirection Exploits
      - Web spoofing
      - JavaScript redirect
      - XML redirect
      - CSS/DHTML redirect
      - Frame problems
      - Dotless IP address exploit
    - Application Interaction Exploits
      - Russian New Year
      - Media Player vulnerabilities
      - PowerPoint buffer overflow
      - Office 2000 ODBC vulnerability
      - Telnet attacks
      - Active Desktop exploits
      - More Office HTML exploits
    - Privacy Invasions
      - Cookie exploits
      - Cookie hijacking
      - Web bugs
      - Application monitors
      - ImportExportFavorites exploit
      - Cached data bugs
  - Detecting Internet Browser Attacks
    - Use an Antivirus Scanner or Firewall
    - Check Unexpected or Unexplained Errors
    - View Source Code
    - Look for the FileSystemObject in Scripts
    - Look for Unexpected Newly Modified Files
  - Removing and Repairing the Damage
    - Remove Malicious Files
    - Edit or Delete Modified Files
    - Run Repair Tool
  - Preventing Internet Browser Attacks
    - Configure Browser Settings and Zones
      - Internet Explorer security settings
      - Internet Explorer security zones
      - Internet security registry settings
      - New cookie management update
      - Internet Explorer Administration Kit
    - Install the Latest Version of Browser and Security Patches
    - Install and Use an Antivirus Scanner
    - Avoid Untrusted Web Sites
    - Remove HTA Association
  - Risk Assessment -- Medium
  - Summary
- 10. Malicious Java Applets
  - Java
    - Java Virtual Machine
    - Java Byte Code
    - Java Applet Versus Java Application
    - Javas Just-In-Time Compiler
  - Java Security
    - Java Security -- Classic Model
      - Byte Code Verifier
      - Applet Class Loader
      - Name spaces
      - The Security Manager
      - CLASSPATH
      - Some say the sandbox is too secure
      - Java security expands
    - Java 2 Security -- A Granular Approach
    - Archive Formats
      - Java archives
      - Not all Java browsers are created equally
  - Java Exploits
    - Paid to Hack
      - History of Java exploits
    - Types of Exploits
      - Attacks within the sandbox
      - Social engineering applets
      - Java viruses and Trojans
      - Applets that break the sandbox
  - Example Java Exploits
    - Annoying Applets
      - Java.NoisyBear
      - Hostile Thread Java applet
      - DigiCrimes Irritant
    - Java Viruses
      - Strange Brew Java virus
      - BeanHive Java virus
      - Hoax Java bombs
    - Compromising Intrusions
      - DNS subversion trick
      - Bug in the Java Byte Code Verifier
      - Microsoft Virtual Machine Verifier vulnerability
    - Plug-ins
  - Detecting Malicious Java Applets
  - Removing Malicious Java Code
  - Protecting Yourself from Malicious Java Code
    - Total Security: Disable Java
    - Run Only Trusted Java
    - Use an Antivirus Scanner
      - Firewalls
    - Configure Stronger Browser Java Security
      - Internet Explorer Java security
      - Java-specific settings in Internet Explorer
      - Java Scratch Pad
      - Customizing Java permissions in Internet Explorer
    - Apply the Latest Security Patches
    - Use the Latest Browser Version
    - Know Your Java CLASSPATH
    - Disable Plug-ins
    - Remove Unneeded Applets
    - Avoid Malicious Sites
    - Be Aware of Social-Engineered Malicious Code
  - Risk Assessment -- Low
  - Summary
- 11. Malicious ActiveX Controls
  - ActiveX
    - ActiveX Controls
    - ActiveX Scripting
      - Safe for scripting and initializing
    - Differences Between ActiveX and Java
    - Activating ActiveX
      - Cabinet archival files
  - ActiveX Security
    - Digital Signing and Certificates
      - Digital authentication summary
      - Encryption
      - A simple encryption example
      - Public key security
      - Hashing
      - Certificates and certificate authorities
      - Digital certificate incompatibilities
      - Certificate granting process
      - Trusting the trust giver
      - Revocation
      - Always trusting a certificate
    - Authenticode
      - Java, Authenticode, and Internet Explorer
      - Timestamping
    - Signed Code in Action
      - Internet Explorer and Authenticoded Java
  - ActiveX Security Criticisms
    - ActiveX Has No Sandbox
    - Safe for Scripting Vulnerability
    - Buffer Overflows
    - Users Cant Be Trusted
    - Authenticity Doesnt Prevent Tampering
    - Authenticode Is Only as Strong as Its Private Keys
    - Weak Revocation
    - No Granularity
    - ActiveX Controls Are Registered to the Machine
    - No Easy Way to See All Controls
    - Security in Browser
  - Malicious ActiveX Examples
    - Exploder
    - Runner
    - InfoSpace Compromise
    - Quicken Exploit
    - Microsofts Not Safe for Scripting Controls
      - Norton Utilities exploit
      - Help desk controls
      - DHTML edit vulnerability
      - Taskpads
      - Scriptlet.typlib and Eyedog exploits
      - Office 2000 UA control
      - Active Setup control
    - Windows 2000 Sysmon Buffer Overflow
  - Detecting Malicious ActiveX Controls
  - Removing and Preventing Malicious Active Controls
    - Run Only Trusted Code
    - Kill Bit Setting
    - Examine Certificates
    - Configure ActiveX Browser Security
    - Remove Unnecessary Controls
      - Reappearing controls
      - Error messages while removing controls
      - Viewing and removing all controls
    - View Trust Relationships
    - Change Safe for Scripting Functionality
    - Enable Certificate Revocation Checking
  - Risk Assessment -- Medium
  - Summary
- 12. Email Attacks
  - Introduction
  - Email Programs
    - Types of Email
      - MIME
      - Encrypted email
      - Newsgroups
      - Preview pane
      - Hiding behind email
    - Why Is Outlook Such a Popular Target?
    - Microsoft Outlook Technology
      - Outlook interfaces
    - Windows Scripting Host
      - Encoded scripts
      - Future of WSH
  - Email Exploits
    - Email Worms
      - Bubbleboy
      - ILoveYou virus
      - Hiding viruses
      - Hybris
    - Email Exploits
      - Users dont even have to open email to execute exploit
      - Internet cache vulnerability
      - Compiled help vulnerability
      - vCard buffer overflow
  - Detecting Email Attacks
  - Removing Infected Email
    - Information for Microsoft ExchangeServer Administrators
      - ExMerge
  - Preventing Email Attacks
    - Disable Scripting and HTML Content in Email
    - Treat Unexpected Emails with Caution
    - Keep Email Client Updated
    - Run Antivirus Software
    - Implement Outlook Security Patch
      - Getting around blocked access to file attachments
      - Preventing malicious code from using Outlook to spread
      - Strengthening overall Outlook security
      - Options for Outlook 97 and Outlook Express users
      - Problems with Outlook Security Update
      - Uninstalling the Outlook Security Update
    - Remove WSH Association
    - Reveal Hidden File Extensions
    - If You Use Web-based Email, Use Vendors Who Use Antivirus Scanners
    - Modify Security on Outlook Clients
    - Set Up Message Monitoring
  - Risk Assessment -- High
  - Summary
- 13. Hoax Viruses
  - The Mother of All Computer Viruses
    - Bamboozled
    - Why Do People Write Hoax Messages?
    - Partial Truths
    - Hoaxes Can Come True
  - Categories of Hoax Messages
    - Virus Warning
      - Good Times virus
    - Chain Letters
      - Sympathy requests
      - Fake news reports
      - Giveaways
      - Threats
  - Detection
    - Read Message Looking for Telltale Signs
    - Search for Information on Hoax
      - Web sites about hoaxes
      - Commercial vendor web sites
  - Removing and Preventing Hoax Viruses
    - Let Others Know It Is a Hoax
    - Use ExMerge to Delete All Hoax Messages at Once
    - Set Up an Email Filter
  - Risk Assessment -- Low
    - Future Hoaxes Will Be Better
  - Summary
- 14. Defense
  - Defense Strategy
  - Malicious Mobile Code Defense Plan
    - How to Create a Malicious Mobile Code Defense Plan
      - Get management to buy in
      - Pick a plan team
      - Pick an operational team
      - Take a technology inventory
      - Determine plan coverage
      - Discuss and write the plan
      - Test the plan
      - Implement the plan
      - Provide quality assurance testing
      - Protect new assets
      - Test Rapid Response Team
      - Predefine a process for updating and reviewing plan
    - The Plan
      - Remember to address foreign computers and networks
      - Plan core
      - Deployment
      - Distributing updates
      - Communication plan
      - End user education
      - Rapid response plan
    - Rapid Response Plan Steps
  - Use a Good Antivirus Scanner
    - Checksums Versus Scan Strings
    - Traits of a Good Antivirus Scanner
      - Fast and accurate
      - Stability
      - Transparency
      - Runs on your platforms
      - Customizable
      - Scanner should protect itself
      - Good cleaning rate
      - Scanning archived files
      - Heuristics
      - Rescue diskette
      - Automated updates
      - Good technical support
      - Proactive research
      - Enterprise capabilities
      - Logging
      - Notification
      - Email capabilities
  - Antivirus Scanning Locations
    - Desktop
    - Email Server
    - File Server
    - Internet Border
    - Where Should Antivirus Software Run?
    - Other Antivirus Scanner Considerations
      - When to scan
      - Internet-based scanning
      - Should you disable the antivirus scanner to install new software?
  - The Best Steps Toward Securing Any Windows PC
  - Additional Defense Tools
    - Firewalls
    - Intrusion Detection
    - Honey Pots
    - Port Monitors and Scanners
    - Security Scanners
    - Internet Content Scanners
    - Miscellaneous Utilities
      - SmartWhoIs
      - Locking programs down
      - Filemon and Regmon
      - Goat files
    - Good Backup
  - Antivirus Product Review
    - Symantecs Norton Antivirus
  - Future
  - Summary
- 15. The Future
  - The Future of Computing
    - Media Convergence
    - Distributed Computing
    - Other Key Technology Changes
      - P2P computing
      - Microsofts domination weakens
      - Small computers
      - Appliance computing
      - Government monitoring
  - MMC Exploits
    - Malicious Code Popularity Will Increase
    - Hacktivism Will Rise
    - Increase in Linux Viruses
    - Connectedness Can Be a Weakness
    - Denial of Service Attacks
    - Attack of the Killer Copier
  - Real Defense Solutions
    - Audit All Code
    - Ultimate Authentication
    - More Secure Applications
    - Prevent Unauthorized Code Changes
    - ISP Scanning
    - Allow Only Approved Content to Execute
    - National Security Infrastructure
    - Stiffer Penalties
  - Summary
- Index
- Colophon