As the number of Internet-based consumer transactions continues to rise, the need to protect these transactions against hacking becomes more and more critical. An effective approach to securing information on the Internet is to analyze the signature of attacks in order to build a defensive strategy. This book explains how to accomplish this using honeypots and routers. It discusses honeypot concepts and architecture as well as the skills needed to deploy the best honeypot and router solutions for any network environment.
Honeypots and Routers: Collecting Internet Attacks begins by providing a strong grounding in the three main areas involved in Internet security:
Computer networks: technologies, routing protocols, and Internet architecture
Information and network security: concepts, challenges, and mechanisms
System vulnerability levels: network, operating system, and applications
The book then details how to use honeypots to capture network attacks. A honeypot is a system designed to trap an adversary into attacking the information systems in an organization. The book describes a technique for collecting the characteristics of the Internet attacks in honeypots and analyzing them so that their signatures can be produced to prevent future attacks. It also discusses the role of routers in analyzing network traffic and deciding whether to filter or forward it.
The final section of the book presents implementation details for a real network designed to collect attacks of zero-day polymorphic worms. It discusses the design of a double-honeynet system architecture, the required software tools, and the configuration process using VMware. With the concepts and skills you learn in this book, you will have the expertise to deploy a honeypot solution in your network that can track attackers and provide valuable information about their source, tools, and tactics.