While
there is some basic information about viruses and trojans
in
this work, it isn't clear, good, particularly helpful,
or easy to
extract from the surrounding verbiage. What content is
related to
networks has very little to do with securing or protecting
them from
malware.
Part
one looks at threat analysis. Chapter one lists various
types of
problems that might possibly arise from the presence
of malware.
Generic statements about virus writers, with little judgment
or
backing, are made in chapter two. Programs related to
malware are
described in chapter three, although the examples and
explanation are
limited. Chapter four is a poorly structured and disorganized
list of
viruses, rife with artificial distinctions. (Two of the
classifications are said to be "UNIX viruses" and "Linux
viruses").
There are some examples, but with poor analysis and interpretation.
Part two talks
about defence. "Fundamentals Needed
for Digital
Security," as chapter five is entitled, contains
a random assortment
of semi-technical topics which does not have enough detail
or
definition to be of much use in establishing protection.
Haphazard
net topics are reviewed in chapter six. Chapter seven
lists various
network applications, threats (such as stalking) that
are not related
to malware, and a list of ports used by trojans--but
the directions on
how to determine whether those ports are in use on your
machine do not
appear until the following chapter, along with some generic
advice on
policies and awareness training. Firewalls, antivirus
software, and
backups are outlined in chapter nine, but with terse
and poor
explanations. Server and application vulnerabilities
are briefly
discussed in chapter ten.
Part
three is supposed to look ahead. Chapter eleven has
an
unfocussed and sensationalist commentary on cyberterrorism.
A grab
bag of security topics is in chapter twelve.
The
text has numerous errors, but they are neither excessively
abundant (in comparison to some of the other horrible
examples extent)
nor especially egregious. Saying that this work is "less
bad" than
the worst, though, is hardly a recommendation. The book
is
indifferent and slipshod (many of the entries in the
glossary are very
careless) and does not contribute to the body of malware
literature.
copyright Robert M. Slade, 2003 BKSTNFMC.RVW 20030727
|