An Overview of Spyware | |
| |
| |
Introduction | |
| |
| |
Spyware: Defined | |
| |
| |
How Spyware Works | |
| |
| |
Why Spyware Is Not a "Virus" | |
| |
| |
Commonly Seen Spyware | |
| |
| |
Identity Theft | |
| |
| |
Malware: Defined | |
| |
| |
How Malware Works | |
| |
| |
Commonly Seen Malware | |
| |
| |
Adware: Defined | |
| |
| |
How Adware Works | |
| |
| |
Commonly Seen Adware | |
| |
| |
Parasiteware: Defined | |
| |
| |
How Parasiteware Works | |
| |
| |
Commonly Seen Parasiteware | |
| |
| |
Phishing: Defined | |
| |
| |
How Phishing Works | |
| |
| |
Commonly Seen Phishing Attacks | |
| |
| |
PayPal | |
| |
| |
eBay | |
| |
| |
Citibank | |
| |
| |
Washington Mutual | |
| |
| |
IRS Tax Refund | |
| |
| |
Botnets: Defined | |
| |
| |
How Botnets Work | |
| |
| |
Commonly Seen Botnets | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
The Transformation of Spyware | |
| |
| |
Introduction | |
| |
| |
The Humble Beginnings | |
| |
| |
Targeted Marketing | |
| |
| |
Hitting the Internet Target | |
| |
| |
Selling Software | |
| |
| |
Adware Evolves | |
| |
| |
Making a Name for Itself | |
| |
| |
All Roads Lead to Microsoft | |
| |
| |
The Making of a Buzzword | |
| |
| |
The Early Effects of Spyware | |
| |
| |
Early Means of Prevention | |
| |
| |
Spyware in the Twenty-First Century | |
| |
| |
How Spyware Has Evolved | |
| |
| |
Increased Use of Spyware in the Commission of Criminal Acts | |
| |
| |
Antispyware Legislation | |
| |
| |
The Future of Spyware | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Spyware and the Enterprise Network | |
| |
| |
Introduction | |
| |
| |
Keystroke Loggers | |
| |
| |
How Keystroke Loggers Work | |
| |
| |
Known Keystroke Loggers | |
| |
| |
KeyGhost | |
| |
| |
KEYKatcher/KEYPhantom | |
| |
| |
Invisible KeyLogger Stealth | |
| |
| |
Spector | |
| |
| |
Boss Every Where | |
| |
| |
Known Exploits | |
| |
| |
Trojan Encapsulation | |
| |
| |
How Spyware Works with Trojan Horses | |
| |
| |
Known Spyware/Trojan Software | |
| |
| |
D1Der | |
| |
| |
Sony Digital Rights Management | |
| |
| |
Kazanon | |
| |
| |
Spyware and Backdoors | |
| |
| |
How Spyware Creates Backdoors | |
| |
| |
Known Spyware/Backdoor Combinations | |
| |
| |
A Wolf in Sheep's Clothing: Fake Removal Tools | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Real Spyware - Crime, Economic Espionage, and Espionage | |
| |
| |
Introduction | |
| |
| |
White to Gray to Black - Increasing Criminal Use of Spyware | |
| |
| |
White to Gray - Ethical to Unethical | |
| |
| |
Hacker Ethic to Criminal Ethic | |
| |
| |
Unethical Practices for the Benefit of Companies | |
| |
| |
Spyware for Government Use | |
| |
| |
It's All in the Delivery | |
| |
| |
Targeted, Networked Spyware | |
| |
| |
Phishing Overview | |
| |
| |
Botnets Overview | |
| |
| |
The Botnet-Spam and Phishing Connection | |
| |
| |
Phishing Detection | |
| |
| |
What to Look For | |
| |
| |
Tools | |
| |
| |
Internet Resources | |
| |
| |
Reporting Phishing | |
| |
| |
Law Enforcement | |
| |
| |
Antiphishing Consortiums | |
| |
| |
Antiphishing Software Vendors | |
| |
| |
Bot Detection | |
| |
| |
Detecting Bots on a Host | |
| |
| |
Finding Botnets | |
| |
| |
Tools | |
| |
| |
Internet Resources | |
| |
| |
Reporting Botnets | |
| |
| |
Law Enforcement | |
| |
| |
Antibotnet Consortiums | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Solutions for the End User | |
| |
| |
Introduction | |
| |
| |
Freeware Solutions | |
| |
| |
Ad-Aware Personal | |
| |
| |
Installing Ad-Aware Personal | |
| |
| |
Scanning for Spyware | |
| |
| |
Reviewing Detected Spyware | |
| |
| |
Additional Ad-Aware Features | |
| |
| |
Spybot - Search & Destroy | |
| |
| |
Installing Spybot - Search & Destroy | |
| |
| |
Updating Spybot - Search & Destroy | |
| |
| |
Scanning for Spyware | |
| |
| |
Additional Spybot Features | |
| |
| |
Microsoft Windows Defender | |
| |
| |
Installing Windows Defender | |
| |
| |
Scanning for Spyware | |
| |
| |
Reviewing Detected Spyware | |
| |
| |
Windows Defender Tools | |
| |
| |
AntiSpyware versus Windows Defender | |
| |
| |
Keylogger Hunter | |
| |
| |
Testing Keylogger Hunter | |
| |
| |
Toolbar Solutions | |
| |
| |
12Ghosts Popup-Killer | |
| |
| |
Yahoo! Anti-Spy Toolbar | |
| |
| |
Google Toolbar | |
| |
| |
Mozilla Firefox | |
| |
| |
Licensed Solutions | |
| |
| |
Webroot Spy Sweeper | |
| |
| |
Ad-Aware Plus | |
| |
| |
McAfee AntiSpyware | |
| |
| |
SpyCop | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Forensic Detection and Removal | |
| |
| |
Introduction | |
| |
| |
Manual Detection Techniques | |
| |
| |
Working with the Registry | |
| |
| |
Registry Basics | |
| |
| |
Start-Up Applications | |
| |
| |
File Association Hijacking | |
| |
| |
Detecting Unknown Processes | |
| |
| |
Researching Unknown Processes | |
| |
| |
Detecting Spyware Remnants | |
| |
| |
Temporary File Caches | |
| |
| |
Windows System Restore | |
| |
| |
Windows File Protection | |
| |
| |
Windows Hosts File | |
| |
| |
Internet Explorer Settings | |
| |
| |
Detection and Removal Tools | |
| |
| |
HijackThis | |
| |
| |
Reviewing HijackThis Results | |
| |
| |
Reviewing a HijackThis Sample Log | |
| |
| |
Removing Detected Items | |
| |
| |
HijackThis Miscellaneous Tools | |
| |
| |
a² HiJackFree | |
| |
| |
InstallWatch Pro | |
| |
| |
Performing a Scan with the InstallWatch Pro Wizard | |
| |
| |
Performing a Scan without the InstallWatch Pro Wizard | |
| |
| |
Reviewing InstallWatch Pro Results | |
| |
| |
Unlocker | |
| |
| |
VMware | |
| |
| |
Snapshots | |
| |
| |
Enterprise Removal Tools | |
| |
| |
BigFix Enterprise Suite | |
| |
| |
FaceTime | |
| |
| |
Websense Web Security Suite | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Dealing with Spyware in a Non-Microsoft World | |
| |
| |
Introduction | |
| |
| |
Spyware and Linux | |
| |
| |
Does It Exist? | |
| |
| |
What Keeps Linux Spyware Free? | |
| |
| |
Linux Is Not a Large Enough Target | |
| |
| |
Linux Is Fundamentally Not Vulnerable to These Types of Attacks | |
| |
| |
The Definitive Answer? | |
| |
| |
Root Security | |
| |
| |
Malware, Worms, and Viruses | |
| |
| |
Examples | |
| |
| |
Spyware and the Macintosh | |
| |
| |
OS X Viruses and Malware | |
| |
| |
Leap-A | |
| |
| |
Inqtana.A | |
| |
| |
Tools for the Macintosh | |
| |
| |
MacScan | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
The Frugal Engineer's Guide to Spyware Prevention | |
| |
| |
Introduction | |
| |
| |
Locking Down Internet Explorer | |
| |
| |
Social Engineering | |
| |
| |
Drive-by Downloads | |
| |
| |
Locking Down Internet Explorer | |
| |
| |
Pop-Up Blocker | |
| |
| |
Developing a Security Update Strategy | |
| |
| |
Using Microsoft WSUS | |
| |
| |
Microsoft Baseline Security Analyzer | |
| |
| |
Windows Checks | |
| |
| |
IIS Checks | |
| |
| |
SQL Server Checks | |
| |
| |
Desktop Application Checks | |
| |
| |
Securing E-mail | |
| |
| |
Securing Outlook | |
| |
| |
Securing Windows | |
| |
| |
Using Group Policy | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
Malware, Money Movers, and Ma Bell Mayhem! | |
| |
| |
Introduction | |
| |
| |
Mule Driving and Money Laundering | |
| |
| |
How Phishers Set Up Shop | |
| |
| |
The Process of Receiving the Money | |
| |
| |
Western Union | |
| |
| |
Mule Liability and Position | |
| |
| |
U.S. Operations and Credit Cards | |
| |
| |
Phishers Phone Home | |
| |
| |
Defining Telecommunications Today | |
| |
| |
SIP Overview | |
| |
| |
SIP Communication | |
| |
| |
Caller ID Spoofing | |
| |
| |
SBC Network Takeover | |
| |
| |
Anonymous Telephony | |
| |
| |
Phreakin' Phishers! | |
| |
| |
Slithering Scalability | |
| |
| |
Malware in 2004 | |
| |
| |
Early 2004 | |
| |
| |
Mid-2004 | |
| |
| |
End of 2004 | |
| |
| |
Trojans of 2004 | |
| |
| |
Malware in 2005 | |
| |
| |
Malware Distribution Process | |
| |
| |
Botnets | |
| |
| |
Blind Drops | |
| |
| |
The Phuture of Phishing | |
| |
| |
Summary | |
| |
| |
Solutions Fast Track | |
| |
| |
Frequently Asked Questions | |
| |
| |
Index | |