Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private> BKHNYPOT.RVW 20030126 "Honeypots: Tracking Hackers", Lance Spitzner, 2003, 0-321-10895-7, U$44.99/C$69.99 %A Lance Spitzner hostmaster@tracking-hackers.com %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2003 %G 0-321-10895-7 %I Addison-Wesley Publishing Co. %O U$44.99/C$69.99 800-822-6339 fax 617-944-7273 bkexpressat_private %O http://www.amazon.com/exec/obidos/ASIN/0321108957/robsladesinterne %P 452 p. + CD-ROM %T "Honeypots: Tracking Hackers" Chapter one is an introduction to the honeypot concepts, and the story of Spitzner's first attempt to run one. An overview of attackers and tools is given in chapter two. A history of honeypots is provided in chapter three, and a list of basic types. Chapter four looks at the benefits (and also the problems) of these types of programs. The types of honeypots are grouped into high, medium, and low intereactivity, in chapter five. The explanations given, in this first section, are good and simple. Tables and figures provided, however, often require interpretation. Chapters six to eleven are reviews and descriptions of honeypots and related programs. There is a tutorial on the setup and use of Back Officer Friendly in chapter six. Specter, in chapter seven, gets a detailed review and a discussion of the program's options. Chapter eight discusses how honeyd emulates a network. Port monitoring, with netcat, and jails, using chroot, are covered in chapter nine. Mantrap cages are discussed in chapter ten. Chapter eleven reviews two generations of honeynets, with lots of details. Chapter twelve examines choosing and camouflaging honeypots. Maintaining and using a honeypot is in chapter thirteen. Chapter fourteen presents a couple of "case studies," integrating material from previous chapters. There is a reasonable discussion of legal issues in chapter fifteen. Future directions for honeypots are examined in chapter sixteen. "Know Your Enemy" (cf BKKNYREN.RVW) presented a fascinating glimpse into both honeypots and the blackhat community, but only a glimpse. This book provides much more detail into the inner workings, setup, and technologies involved in sensors for detecting and dissecting network intrusions. copyright, Robert M. Slade, 2003 BKHNYPOT.RVW 20030126 -- ====================== rsladeat_private rsladeat_private sladeat_private p1at_private Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/ Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458): March 31, 2003 Indianapolis, IN - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Feb 11 2003 - 10:48:31 PST