Chapter 11. Tracking Botnets

11.1 Bot and Botnet 101

11.2 Tracking Botnets

11.3 Case Studies

11.4 Defending Against Bots

11.5 Summary

So far, we have talked a great deal about specific honeypots and how they work. In this chapter we discuss how these very same honeypots can be used in the real world to learn about threats. We will start by showing you what can be learned about threats such as malware and botnets — networks of compromised machines that can be remotely controlled by an attacker. Botnets can cause much harm in today’s Internet. For example, they are often used to mount Distributed Denial of Service (DDoS) attacks or to send out spam or phishing mails. Moreover, botnets can be used for mass identity theft or other abuses of the ...

Get Virtual Honeypots: From Botnet Tracking to Intrusion Detection now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.