"AVIEN Malware Defense Guide for the Enterprise", David Harley et al,
2007, 978-1-59749-164-8, U$59.95
%A David Harley David.A.Harley@...
%A Ken Bechtel
%A Michael Blanchard
%A Henk K. Diemer
%A Andrew Lee
%A Igor Muttik
%A Bojan Zdrnja
%C 800 Hingham Street, Rockland, MA 02370
%G 1-59749-164-0 978-1-59749-164-8
%I Syngress Media, Inc.
%O U$59.95 781-681-5151 fax: 781-681-3585 www.syngress.com
%O Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 540 p.
%T "AVIEN Malware Defense Guide for the Enterprise"
The preface and introduction stress that this work is a collaborative
effort, combining the views of a number of AVIEN (Anti-Virus
Information Exchange Network) and AVIEWS (Anti-Virus Information and
Early Warning System) members, trying to avoid the blind spots that
result from perspectives limited to one individual or company.
Chapter one outlines the history of AVIEN, noting the tensions between
the (rather small) community that has concentrated on research about
malware and protection against the various threats and the general
user population. (The general user population includes, for various
reasons, many of the producers and vendors of antivirus products.) It
is noted (although not stressed) that AVIEN concentrates on protection
of medium to large companies, and this point is important in regard to
protective approaches. A brief, historically-oriented, look at
malware and related issues, in chapter two, tries to eliminate common
confusion and sets a groundwork for further discussion. The Web is
now a major source of security vulnerabilities, but the malware
literature has seldom considered the problem as a specific category,
so chapter three's excellent overview of the related technologies and
exploits is particularly welcome. Botnets are a major threat (or
threats: they are used in a variety of ways), and there is a good
examination of the major associated concepts in chapter four.
Unfortunately, the material is somewhat loosely structured and may be
confusing to some readers, and occasionally emphasizes specific (and
sometimes dated) technologies rather than the basic ideas. Chapter
five examines the often-asked question of who writes malware, bringing
up a good deal of interesting material. The text itself may be of
scant use to system administrators, although the points made in the
summary do indicate trends of concern.
Chapter six turns to protective measures, covering not just the usual
antiviral technologies, but advising on layered defence, with the
attendant required planning and management. Outsourcing, of security
functions in general, and antiviral protection in particular, is
reviewed in chapter seven, with attention paid to both the dangers and
the conditions, agreements, and other factors that might provide
success. Chapter eight's look at security awareness training and user
education seems to be intended to promote the idea, but is weaker in
providing solutions than other areas of the book, concentrating
primarily on the difficulties and failures.
A variety of tools that might be used in malware analysis, ranging
from system information utilities through debuggers to online virus
detectors, are listed in chapter nine. Chapter ten considers aspects
of evaluating antiviral products, and makes a good, general guide.
Chapter eleven notes that the AVIEN organization is changing, and
feels like a promotional item to get the reader to become involved,
but the lack of detail of what the institution might become does not
seem calculated to appeal to busy administrators.
The book contains a tremendous wealth of information and references to
specific resources and studies. This is not surprising, given the
background of the authors, and would, alone, make the text worthwhile.
Overall this work provides a solid overview and compendium of advice
on the current malware situation, and should be a required starting
point for anyone protecting corporate assets in the current, highly
copyright Robert M. Slade, 2008 BKAVNMDG.RVW 20080420
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Let others complain that the times are wicked. I complain that
they are paltry; for they are without passion. The thoughts of
men are thin and frail like lace, and they themselves are feeble
like girl lace-makers. The thoughts of their hearts are too puny
to be sinful. - Soren Kierkegaard (1813-1855), Either/or (1843)