July 2007
Intermediate to advanced
480 pages
13h 20m
English
Content preview from Virtual Honeypots: From Botnet Tracking to Intrusion DetectionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Chapter 1. Honeypot and Networking Background
1.1 Brief TCP/IP Introduction
1.2 Honeypot Background
1.3 Tools of the Trade
This chapter provides a brief background on Internet protocols. We describe the most important elements like TCP (Transmission Control Protocol) and IP (Internet Protocol) routing. Some link layer information about ARP (Address Resolution Protocol) is necessary to understand how packets reach the end host. Furthermore, we also introduce the basic concept of honeypots. We present all the basic notions of different honeypot solutions and give some brief background, respective advantages, and drawbacks. This chapter can be skipped by people who already know the basics.
1.1 Brief TCP/IP Introduction
The so-called Internet protocol ...