Combating Spyware in the Enterprise
Saturday, 17 June 2006 20:53
Work is nearing completion on another book that I have recently contributed to, Combating Spyware in the Enterprise.
On this project, I wrote two chapters: End User Solutions, and Forensic Detection and Removal.
In the former, I go into depth on the various applications available for end-users to protect single computers, to help secure individual boxes in a network environment, or common home user machines. A variety of applications are covered, from free to commercial, along with steps and procedures to help anyone install and configure a number of spyware scanners properly.
In the Forensic Detection and Removal chapter, I delve into detecting and removing spyware manually without any automated tools (such as the spyware scanners covered in the prior chapter). Using tools like HijackThis and HiJackFree, and the basic Windows registry editor, I cover many of the locations where spyware tends to entrench itself upon an infected computer. The chapter then covers how to identify malicious data amongst the high number of innocent "hits" you'll find, and how to remove the dangerous components. This is extremely useful in cases where your network workstation is suffering from a 0-day infection. There are also crucial steps enclosed to help if your network server has been infected, allowing you to practice the removal of the spyware while protecting your server and your overall uptime.
It should be published soon; Syngress is looking at early July. So, go ahead and preorder a copy :)


