Honeypots for Windows (Books for Professionals by Professionals) by Roger A. Grimes (PDF)

Description

* Talks about hardening a Windows host before deploying Honeypot * Covers how to create your own emulated services to fool hackers * Discusses physical setup of Honeypot and network necessary to draw hackers to Honeypot * Discusses how to use Snort to co-exist with Honeypot * Discusses how to use a Unix-style Honeypot to mimic a Windows host * Discusses how to fine-tune a Honeypot * Discusses OS fingerprinting, ARP tricks, packet sniffing, and exploit signatures

User’s Reviews

Editorial Reviews: About the Author Roger A. Grimes (CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CEH, TICSA, Security+, MCT) is a Windows security consultant, instructor, and author. This is Grimes’ third book and he has written over a 150 articles for magazines like Windows IT Pro, Microsoft Certified Professional, InfoWorld, Network Magazine, Windows & .NET, and Security Administrator. He is a contributing editor for Windows & .NET, and InfoWorld magazines. Grimes has presented at Windows Connections, MCP TechMentors, and SANS. He was recognized as “Most Valuable Professional” (MVP) by Microsoft, for Windows Server 2003 security. Grimes also writes frequently for Microsoft, including material for two courses on advanced Windows security and Technet. He has taught security to many of the world’s largest and most respected organizations, including Microsoft, VeriSign, the U.S. Navy, various universities, and public school systems. Grimes spends his time surrounded by the maddening hum of twelve 1U servers in his home office, monitoring his personal honeypots.

Reviews from Amazon users which were colected at the time this book was published on the website:

⭐This book provides much more detailed information on various security tools that operate natively in Windows. It provides a good baseline of understanding fpr novices as well as details on how to effectively use tools installed on a honeypot

⭐Review by Lou Vega of the Greater Charleston .NET User GroupThis book provides immediate and useful information whether you have previous experience with Honeypots or hadn’t even heard of one until you picked up the book. I would recommend this book to anyone who has ever been interested in network and systems security as it pertains to a Microsoft Windows environment, especially in light of the fact that most previous books and articles with information about Honeypots were geared toward *nix systems.Those who have no previous experience with Honeypots and would like a background lesson can jump right into Chapters 1 and 2 which should give them a fair basic understanding of what’s involved. Those persons who want to get right to work…start browsing between chapters 3 and 8 for hands on information including screenshots and installation/configuration information. Later chapters cover more advanced information concerning the monitoring and analysis of the traffic captured using your Honeypot.The author doesn’t leave you stranded with just setting up a Honeypot either. The chapters on Network Analysis, Honeypot Monitoring and alerting, and Honeypot data analysis give you a chance to begin to make real use of the Honeypot and the data gathered while using it. The walkthroughs for setting these analysis and monitoring tools seem easy enough and the author makes good use of available open source tools out there for those who don’t have the budget for some of the commercial applications available.An added bonus for any networking security person is the wealth of information concerning how to harden a Windows Server, common ports used in malware and numerous configuration demonstrations make this a handy book to keep as a general security reference.This book will make a fine addition to any IT professional’s reference collection.

⭐Before reading Roger’s book I was pretty sure I had a solid understanding of Honeypots, how they work, how they should be deployed, etc. I can honestly say that I still learned a lot from this book. Recommended for beginner to advanced user. The examples are great and very specific. Running a honeypot in a windows environment definately benefits many of my clients because they are unsure how to properly secure a *nix machine. This book showed me step-by-step how to set-up a fully functional Windows Honeypot that anyone can administer. Thanks for the great info Mr. Grimes, can’t wait to read the next book.

⭐I have been recently doing research on honeypots/nets and having read through Know Your Enemy(honeynet project) and Tracking Hackers(Lance Spitzner). Both were full of great information but this book really lays out the what it takes to have a succeful honeypot and gives step by step instructions on how to set up a few different types. Its easy to read for a beginner, and easy to follow. It’s also the only good guide to honeypots on the Windows side, and as a bonus all of the tools and information are current, as it was published this year(2005).

⭐Honeypots are an exciting technology with tremendous potential for the security community. However, one of their limitations has been they have primarily been Unix based. Roger does an outstanding job of addressing this issue, bringing them into the Windows community.

⭐There are very few good books regarding honeypots running on Windows. This one is a good example and I would recommend it. A good level of technical knowledge is required to make full use of it.

⭐Excellent

Keywords

Free Download Honeypots for Windows (Books for Professionals by Professionals) in PDF format
Honeypots for Windows (Books for Professionals by Professionals) PDF Free Download
Download Honeypots for Windows (Books for Professionals by Professionals) 2005 PDF Free
Honeypots for Windows (Books for Professionals by Professionals) 2005 PDF Free Download
Download Honeypots for Windows (Books for Professionals by Professionals) PDF
Free Download Ebook Honeypots for Windows (Books for Professionals by Professionals)