Honeypots for Windows

Front Cover
Apress, Feb 16, 2005 - Computers - 424 pages

Installing a honeypot inside your network as an early warning system can significantly improve your security. Currently, almost every book and resource about honeypots comes from a Unix background, which leaves Windows administrators still grasping for help. But Honeypots for Windows is a forensic journeyhelping you set up the physical layer, design your honeypot, and perform malware code analysis.

You’ll discover which Windows ports need to be open on your honeypot to fool those malicious hackers, and you’ll learn about numerous open source tools imported from the Unix world. Install a honeypot on your DMZ or at home and watch the exploits roll in! Your honeypot will capture waves of automated exploits, and youll learn how to defend the computer assets under your control.

 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

An Introduction to Honeypots
3
A Honeypot Deployment Plan
35
Windows Honeypot Modeling
63
Windows Honeypot Deployment
89
Honeyd Installation
121
Honeyd Configuration
151
Honeyd Service Scripts
167
Other WindowsBased Honeypots
189
Network Traffic Analysis
223
Honeypot Monitoring
269
Honeypot Data Analysis
301
Malware Code Analysis
337
Index
363
Copyright

Other editions - View all

Common terms and phrases

About the author (2005)

Roger A. Grimes (CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CEH, TICSA, Security+, MCT) is a Windows security consultant, instructor, and author. This is Grimes' third book and he has written over a 150 articles for magazines like Windows IT Pro, Microsoft Certified Professional, InfoWorld, Network Magazine, Windows & .NET, and Security Administrator. He is a contributing editor for Windows & .NET, and InfoWorld magazines.

Grimes has presented at Windows Connections, MCP TechMentors, and SANS. He was recognized as "Most Valuable Professional" (MVP) by Microsoft, for Windows Server 2003 security. Grimes also writes frequently for Microsoft, including material for two courses on advanced Windows security and Technet. He has taught security to many of the world's largest and most respected organizations, including Microsoft, VeriSign, the U.S. Navy, various universities, and public school systems. Grimes spends his time surrounded by the maddening hum of twelve 1U servers in his home office, monitoring his personal honeypots.

Bibliographic information