| ||||||||||||
| |||||
-b switch
for binary logging mode in Snort, 255
Back Officer Friendly (BOF) honeypot
installation and configuration of, 189–190
website address, 189
Back Orifice tools
recognized by Back Officer Friendly honeypot, 190
Back2Life program
for recovering deleted files and formatted disks, 315
Bait and Switch Honeypot
website address, 10
banner grabbing
defined, 29
baseline measurements
methods for getting for your honeypot, 98–99
sampling of Microsoft tools for documenting, 271
taking as first step in honeypot data collection, 269
bind command
in Honeyd, 128–129
BinText tool
function of, 281
BIOS interrupt routines
stored on BIOS chips and used to manipulate data, 341
website address for list of, 341
blackholes. See tarpits (blackholes)
Blaster worm
Microsoft patches for, 87
on RPC servers, 73
Blat utility
website address, 299
blended attacks
methods used in, 31–32
BOF honeypot. See Back Officer Friendly (BOF) honeypot
bootable forensic distributions, 324
Borg disassembler
function of and website address, 356–357
botnet
defined, 304
breakpoints
as debugging tricks, 359
bridges
as honeypot network system devices, 46
broadcast packets
defined, 41
bs option
in Dd.exe command-line syntax, 307
Bugbear worm
website address, 77
| |||||