Summary
This chapter covered the structured approach to honeypot analysis. It reviewed all the different ways to examine honeypot data, including analyzing network traffic, changes to the file system, and changes to the OS. There are hundreds of useful forensic utilities to help make the job easier.
Chapter 12 will finish the book by discussing malware code disassembly.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2005 Roger A. Grimes
About this chapter
Cite this chapter
(2005). Honeypot Data Analysis. In: Honeypots for Windows. Apress. https://doi.org/10.1007/978-1-4302-0007-9_11
Download citation
DOI: https://doi.org/10.1007/978-1-4302-0007-9_11
Publisher Name: Apress
Print ISBN: 978-1-59059-335-6
Online ISBN: 978-1-4302-0007-9
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)