UID:
almafu_9959242055402883
Umfang:
1 online resource (481 p.)
Ausgabe:
1st edition
ISBN:
9786611060237
,
9781281060235
,
1281060232
,
9780080500232
,
0080500234
Inhalt:
The book begins with real world cases of botnet attacks to underscore the need for action. Next the book will explain botnet fundamentals using real world examples. These chapters will cover what they are, how they operate, and the environment and technology that makes them possible. The following chapters will analyze botnets for opportunities to detect, track, and remove them. Then the book will describe intelligence gathering efforts and results obtained to date. Public domain tools like OurMon, developed by Jim Binkley of Portland State University, will be described in detail along with di
Anmerkung:
Includes index.
,
Front Cover; Botnets: The Killer Web App; Copyright Page; Contents; Chapter 1. Botnets: A Call to Action; Introduction; The Killer Web App; How Big Is the Problem?; The Industry Responds; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 2. Botnets Overview; What Is a Botnet?; The Botnet Life Cycle; What Does a Botnet Do?; Botnet Economics; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 3. Alternative Botnet C&Cs; Introduction: Why Are There Alternative C&Cs?; Historical C&C Technology as a Road Map; DNS and C&C Technology; Alternative Control Channels
,
Web-Based C&C ServersSummary; Solutions Fast Track; Frequently Asked Questions; Chapter 4. Common Botnets; Introduction; SDBot; RBot; Agobot; Spybot; Mytob; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 5. Botnet Detection: Tools and Techniques; Introduction; Abuse; Network Infrastructure: Tools and Techniques; Intrusion Detection; Darknets, Honeypots, and Other Snares; Forensics Techniques and Tools for Botnet Detection; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 6. Ourmon: Overview and Installation; Introduction
,
Case Studies:Things That Go Bump in the NightHow Ourmon Works; Installation of Ourmon; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 7. Ourmon: Anomaly Detection Tools; Introduction; The Ourmon Web Interface; A Little Theory; TCP Anomaly Detection; UDP Anomaly Detection; Detecting E-mail Anomalies; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 8. IRC and Botnets; Introduction; Understanding the IRC Protocol; Ourmon's RRDTOOL Statistics and IRC Reports; Detecting an IRC Client Botnet; Detecting an IRC Botnet Server; Summary; Solutions Fast Track
,
Frequently Asked QuestionsChapter 9. Advanced Ourmon Techniques; Introduction; Automated Packet Capture; Ourmon Event Log; Tricks for Searching the Ourmon Logs; Sniffing IRC Messages; Optimizing the System; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 10. Using Sandbox Tools for Botnets; Introduction; Describing CWSandbox; Examining a Sample Analysis Report; Interpreting an Analysis Report; Bot-Related Findings of Our Live Sandbox; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 11. Intelligence Resources; Introduction
,
Identifying the Information an Enterprise/University Should Try to GatherPlaces/Organizations Where Public Information Can Be Found; Membership Organizations and How to Qualify; Confidentiality Agreements; What to Do with the Information When You Get It; The Role of Intelligence Sources in Aggregating Enough Information to Make Law Enforcement Involvement Practical; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 12. Responding to Botnets; Introduction; Giving Up Is Not an Option; Why Do We Have This Problem?; What Is to Be Done?; A Call to Arms; Summary
,
Solutions Fast Track
,
English
Weitere Ausg.:
ISBN 9781597491358
Weitere Ausg.:
ISBN 1597491357
Sprache:
Englisch
Bookmarklink
