"The Book will cover installing, configuring, and maintaining security Honeypots on Windows platforms. The Book will specifically cover the popular open source Honeypot product called honeyd, and summarize other commercial Honeypot solutions. There are no computer security books covering Honeypots (or IDSs) as they run on Windows platforms.
Developers who are tired of reading Unix and Linux documentation and newsgroups to get information on how to build and maintain a Windows-based Honeypot this book is for you. No longer will you have to rummage through Unix-only advice and utilities to pull out the information that related to your Windows deployment. No longer will you have to listen to some Unix head bash Microsoft and Bill Gates when all you wanted to know is why your Honeypot wasn't working. Learn special tricks and troubleshooting hints to run a Windows-based Honeypot.
Target audience: Windows network and security administrators; intrusion detection software users; subscribers to Honeypot mailing list; readers of other author's Honeypot books - all are very Unix-centric TOC:Foreword.- Introduction.- Why Honeypots.- Honeypot Deployment Methodology.- Installation.- Configuration.- Monitoring, Logging, and Reporting.- Service Scripts.- Analyzing Honeypot Data.- Special Considerations of Using Honeypots on Windows.- Using with Snort.- Advanced Topics.- Overview of Other Windows-based Honeypots.- Appendix: Honeypot Resources."
A table of contents is not available for this title.
Installing a honeypot inside your network as an early warning system can significantly improve your security. Currently, almost every book and resource about honeypots comes from a Unix background, which leaves Windows administrators still grasping for help. But Honeypots for Windows is a forensic journeyhelping you set up the physical layer, design your honeypot, and perform malware code analysis.
Youll discover which Windows ports need to be open on your honeypot to fool those malicious hackers, and youll learn about numerous open source tools imported from the Unix world. Install a honeypot on your DMZ or at home and watch the exploits roll in! Your honeypot will capture waves of automated exploits, and youll learn how to defend the computer assets under your control.