Know Your Enemy Learning about Security Threats

ISBN-10: 0321166469

ISBN-13: 9780321166463

Edition: 2nd 2004 (Revised)

Authors: Honeynet Project Staff

List price: $54.99
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy


Very few organizations today know who their enemy is or how they might attack; when they might attack; what the enemy does once they compromise a system; and, perhaps most important, why they attack. The Honeynet Project is changing this. With the help of members of the Honeynet Research Alliance and active contributors throughout the security community, this organization is researching the tools, tactics, and motives of the blackhat community. Their primary weapon is the Honeynet, a relatively new security technology made up of networks of systems that are designed to be compromised. ***This second edition is divided into three parts: how to set up a honeynet, how to analyze the collected data, and what the authors have learned about "the enemy" from the data. It covers new techniques and technologies never published before, including second-generation and distributed Honeynets. It also explains data analysis in much greater detail, with entire chapters dedicated to Window forensics, UNIX forensics, reverse engineering, and network forensics.
what's this?
Rush Rewards U
Members Receive:
You have reached 400 XP and carrot coins. That is the daily max!
Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS Word® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS PowerPoint® 2010 Online content $4.95 $1.99
Customers also bought

Book details

List price: $54.99
Edition: 2nd
Copyright year: 2004
Publisher: Addison Wesley Professional
Publication date: 5/17/2004
Binding: Mixed Media
Pages: 800
Size: 6.75" wide x 9.00" long x 1.50" tall
Weight: 2.530
Language: English

The Honeynet
The Beginning
The Honeynet Project
The Honeynet Research Alliance
Managing It All: Lessons We've Learned
Definition of Honeypots
Types of Honeypots
Uses of Honeypots
The Value of a Honeynet
The Honeynet Architecture
Types of Honeynets
GenI Honeynets
GenI Honeynet Architecture
GenI Options for Data Control
GenI Functionality for Data Capture
A Complete GenI Honeynet Setup Example
How It All Works Together: Example Attack Capture
GenII Honeynets
GenII Honeynet Improvements
GenII Honeynet Architecture
GenII Data Control
Data Capture
GenII Honeynet Deployment
Virtual Honeynets
What Is a Virtual Honeynet?
Self-Contained Virtual Honeynets
Hybrid Virtual Honeynets
Possible Implementation Solutions
Distributed Honeynets
What Is a Distributed Honeynet?
Physical Distribution
Honeypot Farms
The Latency Problem
Setting Up a Honeypot Farm
Issues Common to All Distributed Honeynets
Legal Issues
Monitoring Network Users
Crime and the Honeynet
Do No Harm: Liability to Others
The Analysis
The Digital Crime Scene
The Purpose and Value of Data Analysis
Capturing Different Types of Data Within the Honeynet
The Multiple Layers of Data Analysis and Their Value
Network Forensics
Performing Network Forensics
Network Traffic 101
Capturing and Analyzing Network Traffic
A Case Study from the Honeynet
Analyzing Nonstandard Protocols
Common Traffic Patterns for Forensic Analysts
Passive Fingerprinting
Computer Forensics Basics
Analysis Environment
Data Acquisition
UNIX Computer Forensics
Linux Background
Data Acquisition
The Analysis
Readiness Steps
Windows Computer Forensics
Windows File Systems
Data Acquisition
Analysis of the System
Analysis with Autopsy and the Sleuth Kit
Reverse Engineering
Static Analysis
Active Analysis
A Walkthrough: The Honeynet Reverse Challenge
Further Reading
Centralized Data Collection and Analysis
Centralizing Data
The Honeynet Security Console
The Enemy
A Sociological Analysis of the Whitehat/Blackhat Community
"A Bug's Life": The Birth, Life, and Death of an Exploit
Intelligence-Based Information Security: Profiling and Much More
Bringing It All Together
Attacks and Exploits: Lessons Learned
Types of Attacks
Who Is Performing Attacks?
Common Steps to Exploiting a System
Windows 2000 Compromise and Analysis
Honeypot Setup and Configuration
Honeynet Setup and Configuration
The Attack Log
Threat Analysis/Profile
Lessons Learned for Defense
Lessons Learned About Attackers
Linux Compromise
Honeynet Setup and Configuration
Forensics Procedure
The Day After
Event Summary
Example of Solaris Compromise
Honeynet Setup and Configuration
The Events for Day 1
Day 1 Summary of Events
The Events for Day 3
Day 3 Summary of Events
Profiling of the Intruder
The Future
Distributed Honeynets
Advanced Threats
Insider Threats
Law Enforcement Applications
Use and Acceptance
Blackhat Response
IPTables Firewall Script
Snort Configuration
Swatch Configuration
Network Configuration Summary
Honeywall Kernel Configuration
Genll rc.firewall Configuration
Resources and References
About the Authors
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.