IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled



BKSTNFMC.RVW 20030727

"Securing the Network from Malicious Code", Douglas Schweitzer, 2002, 0-7645-4958-8, U$40.00/C$60.99/UK#29.95
%A Douglas Schweitzer
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2002
%G 0-7645-4958-8
%I John Wiley & Sons, Inc.
%O U$40.00/C$60.99/UK#29.95 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0764549588/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0764549588/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0764549588/robsladesin03-20
%P 338 p.
%T "Securing the Network from Malicious Code"

 

While there is some basic information about viruses and trojans in this work, it isn't clear, good, particularly helpful, or easy to extract from the surrounding verbiage. What content is related to networks has very little to do with securing or protecting them from malware.

Part one looks at threat analysis. Chapter one lists various types of problems that might possibly arise from the presence of malware. Generic statements about virus writers, with little judgment or backing, are made in chapter two. Programs related to malware are described in chapter three, although the examples and explanation are limited. Chapter four is a poorly structured and disorganized list of viruses, rife with artificial distinctions. (Two of the classifications are said to be "UNIX viruses" and "Linux viruses"). There are some examples, but with poor analysis and interpretation.

Part two talks about defence. "Fundamentals Needed for Digital Security," as chapter five is entitled, contains a random assortment of semi-technical topics which does not have enough detail or definition to be of much use in establishing protection. Haphazard net topics are reviewed in chapter six. Chapter seven lists various network applications, threats (such as stalking) that are not related to malware, and a list of ports used by trojans--but the directions on how to determine whether those ports are in use on your machine do not appear until the following chapter, along with some generic advice on policies and awareness training. Firewalls, antivirus software, and backups are outlined in chapter nine, but with terse and poor explanations. Server and application vulnerabilities are briefly discussed in chapter ten.

Part three is supposed to look ahead. Chapter eleven has an unfocussed and sensationalist commentary on cyberterrorism. A grab bag of security topics is in chapter twelve.

The text has numerous errors, but they are neither excessively abundant (in comparison to some of the other horrible examples extent) nor especially egregious. Saying that this work is "less bad" than the worst, though, is hardly a recommendation. The book is indifferent and slipshod (many of the entries in the glossary are very careless) and does not contribute to the body of malware literature.

copyright Robert M. Slade, 2003 BKSTNFMC.RVW 20030727