Malware Forensics:   
                             Investigating and Analyzing Malicious Code
Frequently Asked Questions (F.A.Q.)


The book is described on and other web sites as having content addressing Honeypots, Technical Profiling and Malware Lab Design & Configuration--why aren't these chapters in the book?

Originally, the book was intended to cover these topics.  Unfortunately, the description on and other web sites reflects what Elsevier/Syngress distributed prior to the final draft and publication.   As the book was written (and evolved),  anticipated page count was exceeded before these topics were addressed.  The authors have requested Syngress to revise the description to reflect the final content.  Further, the authors will be posting the content that did not make the book on this web site.  Stay tuned!


Q: The description mentions that the "Companion Web site provides working code for analysis."  Where is the code?

A: The publisher, Syngress, included that language in the product description.  Hosting malware on this web site was never contemplated by the authors.


Q: The last page of the book is an "Errata Page."  What is this and why is it there?

A: An Errata Page contains a list of errors that were found in the book and their corrections.  Typically, an errata page is published after the book is published.  In this instance, the authors discovered errors in the final chapter proofs and requested that the publisher make appropriate corrections.  Because the publication of this book was under a stringent deadline, the changes were not made to the chapter text, but rather, were listed on the Errata Page. Corrections to formatting, typesetting, and more minor typographical errors will be made to the next edition of the book.  A special thanks to Technical Editor Curtis Rose (hands down the finest in the business) for being a vigilant Editor in addition to his already laborious tech edit duties!