pfeil_rechts

Suchen und Finden

Service

Honeypots for Windows

von: Roger A. Grimes

Apress, 2006

ISBN: 9781430200079 , 424 Seiten

Format: PDF, OL

Kopierschutz: Wasserzeichen

Online-Lesen für: Windows PC,Mac OSX,Linux

Preis: 46,99 EUR

Mehr zum Inhalt

Honeypots for Windows

Contents: 6
About the Author: 14
About the Technical Reviewers: 15
Acknowledgments: 16
Introduction: 17
Part One Honeypots in General: 22
Chapter 1 An Introduction to Honeypots: 23
What Is a Honeypot?: 23
What Is a Honeynet?: 25
Why Use a Honeypot?: 25
Basic Honeypot Components: 31
Honeypot Types: 33
History of Honeypots: 40
Attack Models: 46
Risks of Using Honeypots: 52
Summary: 54
Chapter 2 A Honeypot Deployment Plan: 55
Honeypot Deployment Steps: 55
Honeypot Design Tenets: 56
Attracting Hackers: 57
Defining Goals: 57
Honeypot System Network Devices: 61
Honeypot System Placement: 74
Summary: 79
Part Two Windows Honeypots: 80
Chapter 3 Windows Honeypot Modeling: 81
What You Need to Know: 81
Common Ports and Services: 83
Computer Roles: 86
Services in More Detail: 90
Common Ports by Platform: 101
Common Windows Applications: 104
Putting It All Together: 105
Summary: 106
Chapter 4 Windows Honeypot Deployment: 107
Decisions to Make: 107
Installation Guidance: 114
Hardening Microsoft Windows: 118
Summary: 138
Chapter 5 Honeyd Installation: 139
What Is Honeyd?: 139
Why Use Honeyd?: 140
Honeyd Features: 141
Honeyd Installation: 154
Summary: 167
Chapter 6 Honeyd Configuration: 168
Using Honeyd Command-Line Options: 168
Creating a Honeyd Runtime Batch File: 169
Setting Up Honeyd Configuration Files: 171
Testing Your Honeyd Configuration: 182
Summary: 183
Chapter 7 Honeyd Service Scripts: 184
Honeyd Script Basics: 184
Default Honeyd Scripts: 189
Downloadable Scripts: 195
Custom Scripts: 197
Summary: 205
Chapter 8 Other Windows-Based Honeypots: 206
Back Officer Friendly: 206
LaBrea: 207
SPECTER: 209
PatriotBox: 229
Jackpot SMTP Tarpit: 231
More Honeypots: 236
Summary: 236
Part Three Honeypot Operations: 238
Chapter 9 Network Traffic Analysis: 239
Why Use a Sniffer and an IDS?: 239
Network Protocol Basics: 243
Network Protocol Capturing Basics: 255
Ethereal: 256
Snort: 266
Summary: 284
Chapter 10 Honeypot Monitoring: 285
Taking Baselines: 285
Monitoring: 292
Logging: 300
Alerting: 311
Summary: 316
Chapter 11 Honeypot Data Analysis: 317
Why Analyze?: 317
Honeypot Analysis Investigations: 318
A Structured Forensic Analysis Approach: 320
Forensic Analysis in Action: 341
Forensic Tool Web Sites: 351
Summary: 352
Chapter 12 Malware Code Analysis: 353
An Overview of Code Disassembly: 353
Assembly Language: 355
Assembler and Disassembler Programs: 365
Malicious Programming Techniques: 374
Disassembly Environment: 376
Disassembly Practice: 376
Summary: 377
Index: 378

AGB
Datenschutz
Impressum
Kontakt
F.A.Q
Widerruf

Alle Preise verstehen sich inklusive der gesetzlichen MwSt.

Honeypots for Windows

von: Roger A. Grimes

Honeypots for Windows

Contents

About the Author

About the Technical Reviewers

Acknowledgments

Introduction

Part One Honeypots in General

Chapter 1 An Introduction to Honeypots

What Is a Honeypot?

What Is a Honeynet?

Why Use a Honeypot?

Basic Honeypot Components

Honeypot Types

History of Honeypots

Attack Models

Risks of Using Honeypots

Summary

Chapter 2 A Honeypot Deployment Plan

Honeypot Deployment Steps

Honeypot Design Tenets

Attracting Hackers

Defining Goals

Honeypot System Network Devices

Honeypot System Placement

Summary

Part Two Windows Honeypots

Chapter 3 Windows Honeypot Modeling

What You Need to Know

Common Ports and Services

Computer Roles

Services in More Detail

Common Ports by Platform

Common Windows Applications

Putting It All Together

Summary

Chapter 4 Windows Honeypot Deployment

Decisions to Make

Installation Guidance

Hardening Microsoft Windows

Summary

Chapter 5 Honeyd Installation

What Is Honeyd?

Why Use Honeyd?

Honeyd Features

Honeyd Installation

Summary

Chapter 6 Honeyd Configuration

Using Honeyd Command-Line Options

Creating a Honeyd Runtime Batch File

Setting Up Honeyd Configuration Files

Testing Your Honeyd Configuration

Summary

Chapter 7 Honeyd Service Scripts

Honeyd Script Basics

Default Honeyd Scripts

Downloadable Scripts

Custom Scripts

Summary

Chapter 8 Other Windows-Based Honeypots

Back Officer Friendly

LaBrea

SPECTER

PatriotBox

Jackpot SMTP Tarpit

More Honeypots

Summary

Part Three Honeypot Operations

Chapter 9 Network Traffic Analysis

Why Use a Sniffer and an IDS?

Network Protocol Basics

Network Protocol Capturing Basics

Ethereal

Snort

Summary

Chapter 10 Honeypot Monitoring

Taking Baselines

Monitoring

Logging