Summary

skip navigation

honeypots for windows
Chapter 2 - A Honeypot Deployment Plan
Honeypots for Windows
by Roger A. Grimes
Apress 2005
progress indicator progress indicatorprogress indicator progress indicator

Deploying a honeypot system requires methodical planning and understanding of your motivations for installing one in the first place. Basic underlying honeypot tenets must be considered during the design phase. You need to decide whether you want to implement a research or production honeypot, real or virtual, and where to place it. These decisions depend on your objectives and resources. Externally placed honeypot systems are the most exposed type of (research) honeypot and will gain the attention of hackers the quickest.

Production honeypots placed on the DMZ can warn you of malicious activity happening within your DMZ. Internally placed honeypot systems can act as an early-warning system to alert you that a threat has bypassed your other network security countermeasures, as well as alert you to internal attacks.

A honeypot system is a collection of components, including tools for alerting, monitoring, logging, and analyzing found data. Chapter 3 will cover the basic behaviors and services a Windows honeypot should mimic.

progress indicator progress indicatorprogress indicator progress indicator


Honeypots for Windows
Honeypots for Windows (Books for Professionals by Professionals)
ISBN: 1590593359
EAN: 2147483647
Year: 2006
Pages: 119

Similar book on Amazon
Honeypots: Tracking Hackers
Honeypots: Tracking Hackers
Know Your Enemy: Learning about Security Threats (2nd Edition)
Know Your Enemy: Learning about Security Threats (2nd Edition)
Virtual Honeypots: From Botnet Tracking to Intrusion Detection
Virtual Honeypots: From Botnet Tracking to Intrusion Detection
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net