Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Chapter 10. Case Studies

10.1 Blast-o-Mat: Using Nepenthes to Detect Infected Clients

10.2 Search Worms

10.3 Red Hat 8.0 Compromise

10.4 Windows 2000 Compromise

10.5 SUSE 9.1 Compromise

10.6 Summary

Up to this point, we have primarily taken a look at the technique behind honeypots. We have introduced several tools and showed how to set up and configure them. Now we alter our point of view a bit and present some case studies and examples of the lessons learned with honeypots. At first, we introduce an operational example of how to detect infected machines on a network with the help of nepenthes. We present Blast-o-Mat, a custom network intrusion detection system (NIDS), developed and deployed at RWTH Aachen University, Germany. We introduce ...

Get Virtual Honeypots: From Botnet Tracking to Intrusion Detection now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Virtual Honeypots: From Botnet Tracking to Intrusion Detection by

Chapter 10. Case Studies

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly