Virtual Honeypots: From Botnet Tracking to Intrusion Detection

版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章原始出版、作者信息和本声明。否则将追究法律责任。 http://blog.csdn.net/topmvp - topmvp

Honeypots have demonstrated immense value in Internet security, but physical honeypot deployment can be prohibitively complex, time-consuming, and expensive. Now, theres a breakthrough solution. Virtual honeypots share many attributes of traditional honeypots, but you can run thousands of them on a single system-making them easier and cheaper to build, deploy, and maintain.

In this hands-on, highly accessible book, two leading honeypot pioneers systematically introduce virtual honeypot technology. One step at a time, youll learn exactly how to implement, configure, use, and maintain virtual honeypots in your own environment, even if youve never deployed a honeypot before.

Youll learn through examples, including Honeyd, the acclaimed virtual honeypot created by coauthor Niels Provos. The authors also present multiple real-world applications for virtual honeypots, including network decoy, worm detection, spam prevention, and network simulation.

After reading this book, you will be able to
*Compare high-interaction honeypots that provide real systems and services and the low-interaction honeypots that emulate them
*Install and configure Honeyd to simulate multiple operating systems, services, and network environments
*Use virtual honeypots to capture worms, bots, and other malware
*Create high-performance "hybrid" honeypots that draw on technologies from both low- and high-interaction honeypots
*Implement client honeypots that actively seek out dangerous Internet locations
*Understand how attackers identify and circumvent honeypots
*Analyze the botnets your honeypot identifies, and the malware it captures
*Preview the future evolution of both virtual and physical honeypots

http://rapidshare.com/files/103157523/0321336321.zip
http://depositfiles.com/files/4401169

你可能感兴趣的:(Security)