Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Chapter 11. Tracking Botnets

11.1 Bot and Botnet 101

11.2 Tracking Botnets

11.3 Case Studies

11.4 Defending Against Bots

11.5 Summary

So far, we have talked a great deal about specific honeypots and how they work. In this chapter we discuss how these very same honeypots can be used in the real world to learn about threats. We will start by showing you what can be learned about threats such as malware and botnets — networks of compromised machines that can be remotely controlled by an attacker. Botnets can cause much harm in today’s Internet. For example, they are often used to mount Distributed Denial of Service (DDoS) attacks or to send out spam or phishing mails. Moreover, botnets can be used for mass identity theft or other abuses of the ...

Get Virtual Honeypots: From Botnet Tracking to Intrusion Detection now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Virtual Honeypots: From Botnet Tracking to Intrusion Detection by Niels Provos, Thorsten Holz

Chapter 11. Tracking Botnets

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly