Honeypots for Windows

Paperback (2005)

Overview

Installing a honeypot inside your network as an early warning system can significantly improve your security. Currently, almost every book and resource about honeypots comes from a Unix background, which leaves Windows administrators still grasping for help. But Honeypots for Windows is a forensic journey, helping you set up the physical layer, design your honeypot, and perform malware code analysis.

You’ll discover which Windows ports need to be open on your honeypot to fool those malicious hackers, and you’ll learn about numerous open source tools imported from the Unix world. Install a honeypot on your DMZ or at home and watch the exploits roll in! Your honeypot will capture waves of automated exploits, and you’ll learn how to defend the computer assets under your control.

Meet the Author

Roger A. Grimes (CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CEH, TICSA, Security+, MCT) is a Windows security consultant, instructor, and author. This is Grimes' third book, and he has written over 150 articles for magazines like Windows IT Pro, Microsoft Certified Professional, InfoWorld, Network Magazine, Windows & .NET, and Security Administrator. He is a contributing editor for Windows & .NET and InfoWorld magazines.

Grimes has presented at Windows Connections, MCP TechMentors, and SANS. He was recognized as "Most Valuable Professional" (MVP) by Microsoft, for Windows Server 2003 security. Grimes also writes frequently for Microsoft, including material for two courses on advanced Windows security and Technet. He has taught security to many of the world's largest and most respected organizations, including Microsoft, VeriSign, the U.S. Navy, various universities, and public school systems. Grimes spends his time surrounded by the maddening hum of twelve 1U servers in his home office, monitoring his personal honeypots.


Table of Contents

Pt. 1 Honeypots in general
Ch. 1 An introduction to honeypots
Ch. 2 A honeypot deployment plan
Pt. 2 Windows honeypots
Ch. 3 Windows honeypot modeling
Ch. 4 Windows honeypot deployment
Ch. 5 Honeyd installation
Ch. 6 Honeyd configuration
Ch. 7 Honeyd service scripts
Ch. 8 Other Windows-based honeypots
Pt. 3 Honeypot operations
Ch. 9 Network traffic analysis
Ch. 10 Honeypot monitoring
Ch. 11 Honeypot data analysis
Ch. 12 Malware code analysis

Customer Reviews

Average Rating: 4 (1 review)
  • Anonymous

    Posted February 27, 2005

    making a state of the art honeypot

    Grimes has a valid gripe. Honeypots have risen to prominence as an aggressive anti-cracker method. So that, for example, the well known Honeynet Project has been running for several years, with good results. But the bulk of these honeypot efforts has been in unix machines. If you run a network of Microsoft boxes, there is a dearth of comprehensive documentation, until this book came along. It is written for the Microsoft sysadmin who wants to establish a honeypot that is state of the art. This could be one or more machines on her network. Grimes gives detailed instructions. Most importantly, for the honeyd program. Two chapters are devoted to its installation and running. But even aside from whether you end up running a honeypot, the book has value. It explains network traffic analysis and various tools that aid in this, such as Snort or Ethereal. With or without a honeypot, you'll need more than a passing acquaintance with traffic analysis, and the book can aid in this.
