Dailydave mailing list archives
Book Review: Rootkits, SPYWARE/ADWARE, Keyloggers and Backdoors (Oleg Zaytzev)
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 29 Jun 2007 14:38:24 -0400
Book Review: Rootkits, SPYWARE/ADWARE, Keyloggers and Backdoors: detection and neutralization (Oleg Zaytzev)

http://www.amazon.com/Rootkits-Spyware-Adware-Keyloggers-Backdoors/dp/1931769591/ref=sr_1_1/105-5981609-8901229?ie=UTF8&s=books&qid=1183141345&sr=8-1

I want to start off with pointing out the things I don't like about this book:

1. The cover is boring. The title is awkwardly long, and then they have a fingerprint picture on a black cover. It's just not a good cover and I think they could have done a lot better to make my coffee table aesthetic a lot nicer. Call the book "Rootkits 101" and put a picture of a hot semi-dressed teacher pointing to some code on a blackboard. See, now you've doubled your sales!

2. Many of the examples were in Delphi. While Oleg clearly knows Delphi inside and out, I like to read my books from the middle out, like most people, and it confused me immensely. I feel like each code sample should have a note saying "Btw, this is Delphi, which is kinda like Pascal". I get why he used it, I'm just sayin'.

Here's what's great about this book though - it's short AND comprehensive. I like that he says "Here are the 5 ways to do a keylogger and all the drawbacks of each one". There's a lot here that's somewhat basic (esp. in the rootkit portion of the book) but wherever possible he covers ALL the bases, rather than going into depth and drowning you in C kernel code, which is what most rootkit books tend to do.

So:

1. Bad cover/title
2. Rootkit chapter needs more heft
3. Great content on keyloggers
4. CD full of random programs
__________________________
Score: B (worth the money just for the keylogger chapter. For the record, CANVAS's keylogger does it the way described on page 109)

-dave