RE: Honeypot books

["Roger A. Grimes" <roger () banneretcs com>]

If you're interested in Microsoft Windows and Windows Honeypots you can
always try my book, Honeypots for Windows
(http://www.amazon.com/Honeypots-Windows-Experts-Voice-Grimes/dp/1590593
359). The first few chapters cover honeypots in general, including how
to set them up on a network to work correctly...I think the best that
any of the books covers. The middle chapters cover various Windows
honeypots, and the latter chapters cover Monitoring, Logging, and
Forensics (of Windows-based honeypots). But all of the available
Honeypot books are good.

Roger

*****************************************************************
*Roger A. Grimes, InfoWorld, Security Columnist 
*CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada...
*email: roger_grimes () infoworld com or roger () banneretcs com
*Author of Windows Vista Security: Securing Vista Against Malicious
Attacks (Wiley)
*http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470
101555
*****************************************************************


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Dodge, R. LTC IETD
Sent: Wednesday, December 26, 2007 8:46 AM
To: karlzen; honeypots () securityfocus com
Subject: RE: Honeypot books

The new book "Virtual Honeypots" is a great read.  I am not sure it will
provide you the depth you are looking for. 

What is the thesis of your project?  You may need to find books that
detail technologies specific to your project, i.e. "TCP/IP vol I or II"
from Stevens, a detailed reference on SNORT, or a more service (like
APACHE) focused book.

Ron

Ron Dodge
ronalddodge () gmail com
West Point Honeynet Project: http://westpoint.honeynet.org/
 


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Jamie Riden
Sent: Tuesday, December 25, 2007 4:45 AM
To: karlzen
Cc: honeypots () securityfocus com
Subject: Re: Honeypot books

On 24/12/2007, karlzen <henrik.karlzen () bostream nu> wrote:
> Hi everyone!
>
> I'm new here and I hope my question is not posed in the wrong forum. 
> :)
>
> After New Year I will do my bachelor project which will consist of 
> adding/improving on an existing honeypot application. Now, I'm new to 
> this area but have for example taken a course on network security.
> Anyway, I'm going to buy a book on the subject and am wondering which 
> one is best suited. I've checked out 
> http://www.honeypots.net/honeypots/books and apparently all the books 
> get great reviews on amazon. Since I will be coding some stuff myself 
> I'd like the book to explain such things in more detail and not just 
> existing tools (but of course I don't want to "cheat"). Is the latest
"Virtual honeypots" the best bet?

I think it's a great book, but I haven't read other honeypot books so I
can't compare directly. It covers a lot of ground, including every
honeypot technology I'd heard of and quite a few that I hadn't before I
read it.

I think a lot of people find the title slightly misleading - in fact it
has a lot of detail about honeypots in general and is not restricted to
virtualised implementations.

Happy Christmas,
 Jamie
--
Jamie Riden / jamesr () europe com / jamie () honeynet org uk UK Honeynet
Project: http://www.ukhoneynet.org/