Chapter 10. Case Studies
10.1 Blast-o-Mat: Using Nepenthes to Detect Infected Clients
10.2 Search Worms
10.3 Red Hat 8.0 Compromise
10.4 Windows 2000 Compromise
10.5 SUSE 9.1 Compromise
10.6 Summary
Up to this point, we have primarily looked at the techniques behind honeypots. We have introduced several tools and shown how to set up and configure them. Now we shift our point of view and present some case studies and examples of the lessons learned with honeypots. First, we introduce an operational example of how to detect infected machines on a network with the help of nepenthes. We present Blast-o-Mat, a custom network intrusion detection system (NIDS) developed and deployed at RWTH Aachen University, Germany. We introduce ...