Know Your Enemy

Very few organizations today know who their enemy is or how they might attack; when they might attack; what the enemy does once they compromise a system; and, perhaps most important, why they attack. The Honeynet Project is changing this. With the help of members of the Honeynet Research Alliance and active contributors throughout the security community, this organization is researching the tools, tactics, and motives of the blackhat community. Their primary weapon is the Honeynet, a relatively new security technology made up of networks of systems that are designed to be compromised. ***This second edition is divided into three parts: how to set up a honeynet, how to analyze the collected data, and what the authors have learned about "the enemy" from the data. It covers new techniques and technologies never published before, including second-generation and distributed Honeynets. It also explains data analysis in much greater detail, with entire chapters dedicated to Window forensics, UNIX forensics, reverse engineering, and network forensics. Completely revised edition of the one-of-a-kind "intelligence report" on those who use the Internet for destructive means.° Honeynets are high-interaction honeypots designed to capture extensive information on threats.° Lead author Lance Spitzner is the founder of the Honeynet Project and the author of Honeypots: Tracking Hackers.° This book does not contain theories. Each chapter is based on real, designed incidents and attacks within the security world.