Honeypots for Windows
The honeypot buzz (still deciding if the pun was intended) has picked up considerably in the past five years or so. With more and more security exploits coming out every week, honeypots serve as a great method to learn what hackers are actually doing.
While I've heard lots of different things about honeypots running on Unix and Linux systems, this book was the first I've heard of using Windows. And if you think about it, it makes sense, too. While there's still debate on which operating system has more exploits and more holes, everyone has to admit that, either way, Windows has a lot.
To cut to the chase, this book was really good. It covered the obvious topics that you would expect to find in a book titled "Honeypots for Windows": reasons for setting up a honeypot, installing and configuring, capturing data, and analyzing the captured data. It also touched on a lot of other topics -- like the history and theory of honeypots, hardening Windows, a little computer forensics, and even dissecting malware. There were also a few tables like the ones on common listening Windows ports and explanations of the Windows services that I'll definitely be using as reference for other projects.
Overall, I was very impressed with this book. You can start reading it knowing nothing about honeypots at all and finish with all the information you need to start your own Windows honeypot project.
This book gets a 9 out of 10.
