List of Figures

Previous page
Table of content
Next page
skip navigation

honeypots for windows
List of Tables
Honeypots for Windows
by Roger A. Grimes
Apress 2005
progress indicator progress indicatorprogress indicator progress indicator

Chapter 1: An Introduction to Honeypots

Table 1-1: Summary of Honeypot Types

Chapter 2: A Honeypot Deployment Plan

Table 2-1: Honeypot Placement Location Comparison

Chapter 3: Windows Honeypot Modeling

Table 3-1: Common Microsoft Windows Ports and Services
Table 3-2: Generic Windows Server Ports
Table 3-3: Common IIS Server Ports
Table 3-4: Common Windows 2000 Domain Controller Ports
Table 3-5: Common Windows Workstation Ports
Table 3-6: Common SQL Server Ports
Table 3-7: Common Ports on a Simple Exchange Server
Table 3-8: Common Ports on a Complex Exchange Server
Table 3-9: Common NetBIOS Suffixes
Table 3-10: NetBIOS Ports
Table 3-11: IIS Versions and Related Operating Systems
Table 3-12: Default IIS Folders and Subfolders
Table 3-13: Common Windows Listening UDP Ports by Platform
Table 3-14: Common Windows Listening TCP Ports by Platform
Table 3-15: Common Windows Applications and Their Port Numbers

Chapter 4: Windows Honeypot Deployment

Table 4-1: Windows OS Minimum and Recommended Hardware Requirements
Table 4-2: Recommended Hardware Requirements for a Honeypot
Table 4-3: Recommended Registry Entries to Harden the TCP/IP Stack
Table 4-4: Recommended Windows Services Startup Type Settings

Chapter 5: Honeyd Installation

Table 5-1: TCP/IP Packet Types
Table 5-2: TCP Flags
Table 5-3: Honeyd Simple Port Behaviors
Table 5-4: Recommended Honeyd Directories

Chapter 6: Honeyd Configuration

Table 6-1: Honeyd Runtime Options

Chapter 7: Honeyd Service Scripts

Table 7-1: Default Scripts in the Windows Version of Honeyd
Table 7-2: Service Scripts Available at Honeyd.org

Chapter 8: Other Windows-Based Honeypots

Table 8-1: SPECTER Traps and Services
Table 8-2: KFSensor Sim Banner Server Banner Parameters
Table 8-3: KFSensor Event Column Fields

Chapter 9: Network Traffic Analysis

Table 9-1: Default Snort Variables
Table 9-2: Some Snort Preprocessors
Table 9-3: Snort Rule Syntax Fields

Chapter 10: Honeypot Monitoring

Table 10-1: Microsoft Tools for Gathering Baseline Information
Table 10-2: Sysinternal PsTools Utilities
Table 10-3: EVENTTRIGGERS /Create Options

Chapter 11: Honeypot Data Analysis

Table 11-1: Logon Event Properties
Table 11-2: Event Description Information
Table 11-3: Interesting Event IDs

Chapter 12: Malware Code Analysis

Table 12-1: 8086 Register Types and Common Functions
Table 12-2: Common 80x86 Instructions
Table 12-3: PE File Segments

progress indicator progress indicatorprogress indicator progress indicator

Previous page
Table of content
Next page
Honeypots for Windows
Honeypots for Windows (Books for Professionals by Professionals)
ISBN: 1590593359
EAN: 2147483647
Year: 2006
Pages: 119
Authors: Roger A. Grimes
BUY ON AMAZON
ERP and Data Warehousing in Organizations: Issues and Challenges
The CISSP and CAP Prep Guide: Platinum Edition
MySQL Clustering
Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment
Cultural Imperative: Global Trends in the 21st Century
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy