Honeypot Data Analysis


This chapter covered the structured approach to honeypot analysis. It reviewed all the different ways to examine honeypot data, including analyzing network traffic, changes to the file system, and changes to the OS. There are hundreds of useful forensic utilities to help make the job easier.

Chapter 12 will finish the book by discussing malware code disassembly.





Copyright information

© Roger A. Grimes 2005
