Honeypots for Windows

Roger A. Grimes - Collection The Expert's Voice

392 pages, parution le 10/03/2005

Ajouter à une liste

Indisponible

Résumé

Honeypots for Windows is about making your network safer. Used as an early warning system, a honeypot is the best tool for malicious code detection. Traditional network security defenses don't work. If they did, malware and hackers would be a historical footnote. Virus scanners will miss new code. Firewalls will not stop everything. Intrusion detection systems are too full of false-positives. And there will always be one user who insists on opening every e-mail file attachment. But besides that, honeypots are just plain cool! What's more fun than hacking the hacker?

I wrote Honeypots for Windows because every previous substantial resource on honeypots was written by a Unix-guru. Even when they talked about Windows, it was on a very basic level (often purposely condescending) and without the details I needed to make a honeypot system work in my Windows environment. Trying to find comprehensive information about deploying and managing honeypots in a Windows environment just wasn't possible. I couldn't find out how to make my honeypot look real to attract hackers or how to make sure hackers didn't do more than I wanted them to do. For instance, when I started writing the book, not a single honeypot vendor had NetBIOS emulation, which is essential for a Windows honeypot. This book, and my research with the vendors, changed and improved Windows-based honeypots.

After reading Honeypots for Windows, you will know from A to Z how to deploy a secure honeypot in your environment. In the process, you will learn how to tighten any Windows system and network. Each chapter is packed with detailed information, much of it not available anywhere else. This book goes from packet sniffing and disassembling to practical management steps and expert Windows hardening steps. Read this book and become a part of the honeypot community.

L'auteur - Roger A. Grimes

Roger A. Grimes (CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CEH, TICSA, Security+, MCT)-is a 17-year Windows security consultant, instructor, and author. This is Grimes' third book and he has written over a 150 articles for magazines like Windows IT Pro, Microsoft Certified Professional, InfoWorld, Network Magazine, Windows & .NET, and Security Administrator. He is a contributing editor for Windows & .NET, and nfoWorld magazines.

Grimes has presented at Windows Connections, MCP TechMentors, and SANS. He was recently recognized as Most Valuable Professional (MVP) by Microsoft, for Windows Server 2003 security. Grimes also writes frequently for Microsoft, including material for two courses on advanced Windows security and Technet. He has taught security to many of the world's largest and most respected organizations, including Microsoft, VeriSign, the U.S. Navy, various universities, and public school systems. Grimes spends his time surrounded by the maddening hum of twelve 1U servers in his home office, monitoring his personal honeypots.

Autres livres de Roger A. Grimes

Hacking et contre-hacking

Découvrir tous les livres de Roger A. Grimes

Sommaire

About the Author
About the Technical Reviewers
Acknowledgments
Introduction
Honeypots in General
- An Introduction to Honeypots
- A Honeypot Deployment Plan
Windows Honeypots
- Windows Honeypot Modeling
- Windows Honeypot Deployment
- Honeyd Installation
- Honeyd Configuration
- Honeyd Service Scripts
- Other Windows-Based Honeypots
Honeypot Operations
- Network Traffic Analysis
- Honeypot Monitoring
- Honeypot Data Analysis
- Malware Code Analysis
Index

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	Apress
Auteur(s)	Roger A. Grimes
Collection	The Expert's Voice
Parution	10/03/2005
Nb. de pages	392
Format	17,5 x 23,5
Couverture	Broché
Poids	790g
Intérieur	Noir et Blanc
EAN13	9781590593356
ISBN13	978-1-59059-335-6