Summary

Chapter 9 - Network Traffic Analysis
Honeypots for Windows
by Roger A. Grimes
Apress 2005

This chapter discussed the need for, and use of, a network protocol analyzer and an IDS in a honeypot environment. To use either of these tools, you need to be familiar with the OSI model and network protocol basics. Network protocol analyzers should be used to capture all traffic headed to and from the honeypot. IDSs should be used to alert the administrator and to identify well-known attacks. In this chapter, you learned about using two open-source tools that fulfill these needs: Ethereal and Snort.

Both monitoring tools should be attached to the honeypot network in such a way as to not alert the hacker. Chapter 10 will cover data-monitoring tools and techniques.

Honeypots for Windows (Books for Professionals by Professionals)
ISBN: 1590593359
EAN: 2147483647
Year: 2006
Pages: 119
