Disassembly Environment

Chapter 12 - Malware Code Analysis
Honeypots for Windows
by Roger A. Grimes
Apress 2005

Disassembly can be tricky at times. When you disassemble a program, you are throwing the contents of the program into memory. It’s not uncommon during an involved analysis to accidentally execute the code. Because of this, many analysts do their disassembly work on a separate machine, one that is not their work or primary home computer. Others run the decoding process in a virtual session.

No matter which environment you choose, be careful. Nothing is more embarrassing than the security professional accidentally releasing malicious code. In my 15+-year career, this has happened to me only once, and that was during my first year of malware code analysis.

Honeypots for Windows (Books for Professionals by Professionals)
ISBN: 1590593359
Year: 2006
Pages: 119
