Showing posts with label information security. Show all posts
Showing posts with label information security. Show all posts

A Guide to Kernel Exploitation: Attacking the Core Review

Posted by Sheila Gibson on 8/10/2012 / Labels: , , , , , , , , , / Comments: (0)
A Guide to Kernel Exploitation: Attacking the Core
Average Reviews:

(More customer reviews)Are you looking to buy A Guide to Kernel Exploitation: Attacking the Core? Here is the right place to find the great deals. we can offer discounts of up to 90% on A Guide to Kernel Exploitation: Attacking the Core. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

A Guide to Kernel Exploitation: Attacking the Core ReviewMy colleague showed me this book (full disclosure: he was a reviewer) - he made his students buy it it for his OS II class (assigned middle of the semester!) one week ago - hot off the presses. I got two copies, one for my office and one for reading on the bus.
It's one of three technical exploit books I'd take on a deserted, networked, powered island. Part 1: Journey into Kernel Land (Intro and explanations) is one of the most succinct clear intros I have ever seen. I wish I could distributed that as a document for class. The section on Windows is current and well done, also because the difference between 32 and 64 bit architectures and approaches are emphasized (this is not the case with Eilam's book alas, though very good) - this book is up to date. I think the Unix section needs to be updated, though, my colleague said that some of the exploits were possible in 2006/2007 but with kernel changes some APIs are not available etc. This needs to be updated. Cannot comment on the Mac section, because no expertise.
Website available and examples useful: [...]
Wishlist:
1) There are some unavoidable typos, sure: p.10: MAC is nor Media Access Control in a security context, it's Mandatory Access Control
2) I would have really really like an expanded section on hypervisors and virtualization (there is a mini epilogue on it at the end)- that would have made my day
3) The Linux case study was neat - for next version, do Windows Stuxnet's m.o. because it adds all sorts of interesting kernel root attack pathways
You will not regret buying this book - it is obvious and much appreciated that the authors put a lot of effort into making an readable guide for the medium to expert reader that can double as a textbook companion.
Daniel Bilar
CS Department
UNOA Guide to Kernel Exploitation: Attacking the Core Overview

Want to learn more information about A Guide to Kernel Exploitation: Attacking the Core?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...