Virtual Honeypots: From Botnet Tracking to Intrusion Detection
Honeypots have demonstrated immense value in Internet security, but physical honeypot deployment can be prohibitively complex, time-consuming, and expensive. Now, theres a breakthrough solution. Virtual honeypots share many attributes of traditional honeypots, but you can run thousands of them on a single system-making them easier and cheaper to build, deploy, and maintain.
In this hands-on, highly accessible book, two leading honeypot pioneers systematically introduce virtual honeypot technology. One step at a time, youll learn exactly how to implement, configure, use, and maintain virtual honeypots in your own environment, even if youve never deployed a honeypot before.
Youll learn through examples, including Honeyd, the acclaimed virtual honeypot created by coauthor Niels Provos. The authors also present multiple real-world applications for virtual honeypots, including network decoy, worm detection, spam prevention, and network simulation.
After reading this book, you will be able to*Compare high-interaction honeypots that provide real systems and services and the low-interaction honeypots that emulate them
*Install and configure Honeyd to simulate multiple operating systems, services, and network environments
*Use virtual honeypots to capture worms, bots, and other malware
*Create high-performance "hybrid" honeypots that draw on technologies from both low- and high-interaction honeypots
*Implement client honeypots that actively seek out dangerous Internet locations
*Understand how attackers identify and circumvent honeypots
*Analyze the botnets your honeypot identifies, and the malware it captures
*Preview the future evolution of both virtual and physical honeypots
http://rapidshare.com/files/103157523/0321336321.zip
http://depositfiles.com/files/4401169