Honeypots and Routers: Collecting Internet Attacks (Hardcover)

Mohssen Mohammed, Habib-ur Rehman

相關主題

商品描述

As the number of Internet-based consumer transactions continues to rise, the need to protect these transactions against hacking becomes more and more critical. An effective approach to securing information on the Internet is to analyze the signature of attacks in order to build a defensive strategy. This book explains how to accomplish this using honeypots and routers. It discusses honeypot concepts and architecture as well as the skills needed to deploy the best honeypot and router solutions for any network environment.

Honeypots and Routers: Collecting Internet Attacks begins by providing a strong grounding in the three main areas involved in Internet security:

  • Computer networks: technologies, routing protocols, and Internet architecture
  • Information and network security: concepts, challenges, and mechanisms
  • System vulnerability levels: network, operating system, and applications

The book then details how to use honeypots to capture network attacks. A honeypot is a system designed to trap an adversary into attacking the information systems in an organization. The book describes a technique for collecting the characteristics of the Internet attacks in honeypots and analyzing them so that their signatures can be produced to prevent future attacks. It also discusses the role of routers in analyzing network traffic and deciding whether to filter or forward it.

The final section of the book presents implementation details for a real network designed to collect attacks of zero-day polymorphic worms. It discusses the design of a double-honeynet system architecture, the required software tools, and the configuration process using VMware. With the concepts and skills you learn in this book, you will have the expertise to deploy a honeypot solution in your network that can track attackers and provide valuable information about their source, tools, and tactics.

商品描述(中文翻譯)

隨著基於互聯網的消費交易數量不斷增加,保護這些交易免受黑客攻擊的需求變得越來越重要。在互聯網上保護信息的有效方法是通過分析攻擊的特徵來建立防禦策略。本書介紹了如何使用蜜罐和路由器來實現這一目標。它討論了蜜罐的概念和架構,以及在任何網絡環境中部署最佳蜜罐和路由器解決方案所需的技能。

《蜜罐和路由器:收集互聯網攻擊》首先提供了互聯網安全的三個主要領域的基礎知識:

- 電腦網絡:技術、路由協議和互聯網架構
- 信息和網絡安全:概念、挑戰和機制
- 系統漏洞級別:網絡、操作系統和應用程序

然後,本書詳細介紹了如何使用蜜罐來捕獲網絡攻擊。蜜罐是一種設計用於誘捕對組織信息系統進行攻擊的對手的系統。本書描述了一種在蜜罐中收集互聯網攻擊特徵並對其進行分析的技術,以便生成其簽名以防止未來的攻擊。它還討論了路由器在分析網絡流量並決定是否過濾或轉發流量方面的作用。

本書的最後一部分介紹了一個用於收集零日多態蠕蟲攻擊的真實網絡的實施細節。它討論了雙蜜罐系統架構的設計、所需的軟件工具以及使用VMware進行配置的過程。通過本書中學到的概念和技能,您將具備在您的網絡中部署蜜罐解決方案的專業知識,可以追蹤攻擊者並提供有關其來源、工具和策略的有價值信息。