[ISN] REVIEW: "Honeypots: Tracking Hackers", Lance Spitzner

From: InfoSec News (isnat_private)
Date: Tue Feb 11 2003 - 07:08:35 PST

  • Next message: InfoSec News: "[ISN] Cyber Plan Hitting Home"

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    BKHNYPOT.RVW   20030126
    "Honeypots: Tracking Hackers", Lance Spitzner, 2003, 0-321-10895-7,
    %A   Lance Spitzner hostmaster@tracking-hackers.com
    %C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario  M3C 2T8
    %D   2003
    %G   0-321-10895-7
    %I   Addison-Wesley Publishing Co.
    %O   U$44.99/C$69.99 800-822-6339 fax 617-944-7273 bkexpressat_private
    %O  http://www.amazon.com/exec/obidos/ASIN/0321108957/robsladesinterne
    %P   452 p. + CD-ROM
    %T   "Honeypots: Tracking Hackers"
    Chapter one is an introduction to the honeypot concepts, and the story
    of Spitzner's first attempt to run one.  An overview of attackers and
    tools is given in chapter two.  A history of honeypots is provided in
    chapter three, and a list of basic types.  Chapter four looks at the
    benefits (and also the problems) of these types of programs.  The
    types of honeypots are grouped into high, medium, and low
    intereactivity, in chapter five.  The explanations given, in this
    first section, are good and simple.  Tables and figures provided,
    however, often require interpretation.
    Chapters six to eleven are reviews and descriptions of honeypots and
    related programs.  There is a tutorial on the setup and use of Back
    Officer Friendly in chapter six.  Specter, in chapter seven, gets a
    detailed review and a discussion of the program's options.  Chapter
    eight discusses how honeyd emulates a network.  Port monitoring, with
    netcat, and jails, using chroot, are covered in chapter nine.  Mantrap
    cages are discussed in chapter ten.  Chapter eleven reviews two
    generations of honeynets, with lots of details.
    Chapter twelve examines choosing and camouflaging honeypots. 
    Maintaining and using a honeypot is in chapter thirteen.  Chapter
    fourteen presents a couple of "case studies," integrating material
    from previous chapters.  There is a reasonable discussion of legal
    issues in chapter fifteen.  Future directions for honeypots are
    examined in chapter sixteen.
    "Know Your Enemy" (cf BKKNYREN.RVW) presented a fascinating glimpse
    into both honeypots and the blackhat community, but only a glimpse. 
    This book provides much more detail into the inner workings, setup,
    and technologies involved in sensors for detecting and dissecting
    network intrusions.
    copyright, Robert M. Slade, 2003   BKHNYPOT.RVW   20030126
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
              March 31, 2003           Indianapolis, IN
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Feb 11 2003 - 10:48:31 PST