Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Virtual Honeypots: From Botnet Tracking to Intrusion DetectionByNiels Provos, Thorsten Holz

Publisher:Addison-Wesley2007 |440 Pages | ISBN: 0321336321 | CHM | 4 MB

Honeypots have demonstrated immense value in Internet security, but physical honeypot deployment can be prohibitively complex, time-consuming, and expensive. Now, there’s a breakthrough solution. Virtual honeypots share many attributes of traditional honeypots, but you can run thousands of them on a single system-making them easier and cheaper to build, deploy, and maintain.

In this hands-on, highly accessible book, two leading honeypot pioneers systematically introduce virtual honeypot technology. One step at a time, you’ll learn exactly how to implement, configure, use, and maintain virtual honeypots in your own environment, even if you’ve never deployed a honeypot before.

You’ll learn through examples, including Honeyd, the acclaimed virtual honeypot created by coauthor Niels Provos. The authors also present multiple real-world applications for virtual honeypots, including network decoy, worm detection, spam prevention, and network simulation.

After reading this book, you will be able to

Compare high-interaction honeypots that provide real systems and services and the low-interaction honeypots that emulate them

Install and configure Honeyd to simulate multiple operating systems, services, and network environments

Use virtual honeypots to capture worms, bots, and other malware

Create high-performance "hybrid" honeypots that draw on technologies from both low- and high-interaction honeypots

Implement client honeypots that actively seek out dangerous Internet locations

Understand how attackers identify and circumvent honeypots

Analyze the botnets your honeypot identifies, and the malware it captures

Preview the future evolution of both virtual and physical honeypots

NO PASSWORD

!!!No Mirrors below, please! Follow Rules!