Can anyone recommend any good literature about Honeypots?

untagged

I'm interested in learning more about Honeypots and Honeynets. I've used low interaction Honeypots like Honeyd in the past, but now I want to take it to the next level.

Can anyone recommend any good books or papers about Honeypots/Honeynets?


There are a few books on the subject (although I've never bothered with them), however I can recommend you some readily updated websites:

The always interesting honeyblog

The European Network of Affined Honeypots has many recent papers and presentations

The Honeynet Project has some good papers

Distributed honeypot management software and a video discussion of the current state of the threat

A directory of honeypot server related sites

Shadowserver has some good general stats

Finally there are some old (circa 2000) papers cited in this article


I just finished reading the book Beautiful Security, and it has a nice chapter on 'honey clients'. Instead of focusing on server side exploits, they look at how malware installs itself onto a client. The book has some good suggestions on using VMWare, and detecting system changes.

Beautiful Security http://ecx.images-amazon.com/images/I/51wsK04PePL._SL160_.jpg

Related

My templog.ldf is huge (45gb), What if anything should I do?
vgcreate --> "Command failed with status code 5." what does this mean?
Global vs local puppet management
Is it standard to try to send mail to the A DNS record if there is no MX record?
Block IP on EC2. Firewall or other options?
IIS7 Windows Authentication Providers
Does SCP lock the file it is transfering?
Server load high, CPU idle. NFS the cause?
Can I resize the screen resolution of a remote desktop session?
Idiomatic way to invoke chef-solo?
Add group rwx permissions to a folder
PHP: what is --enable-zend-multibyte configure option for?