Loading
Book Review - Know Your Enemy: Learning About Security Threats
If you're looking to investigate potential security risks on your network, read this book first.
A honeypot is the term used for a single computer placed on the Internet for the sole purpose of being compromised. A Honeynet, the subject of this book, essentially is a honeypot writ large. Instead of deploying a single computer to attract the more nefarious elements of computing society, you deploy several computers--an entire network of computers--whose sole purpose is to entice someone into attacking and compromising your systems. The end result of this exercise is to learn more about what kind of attacks you will see "in the wild" and how to defend against them.
The authors of Know Your Enemy: Learning About Security Threats have done a spectacular job of covering both the deployment of a honeynet and the analysis of captured data. One of the book's major strengths is providing an extraordinary amount of examples, sample code and advice on deployment and data analysis. I especially liked that the book uses real data from actual attacks to educate the reader. The authors cover Windows and Linux/UNIX environments, and they are specific about which tools to use and why those are the recommended tools.
This book even brings attention to the legal considerations of running a honeynet, which is a subject that needs serious attention. Perhaps the most entertaining chapter of the book is Chapter 16, "Profiling", essentially a psychological profile of black hat hackers. Hacker, however, is not the proper term to use for someone who illegally attacks and/or gains access to computer systems, and Chapter 16 offers a thorough explanation of proper terminology.
Although I didn't have the resources to test most of the code, examples and advice offered in this book, I believe it is remarkably thorough. The CD-ROM included with the book contains the tools the authors use throughout the text, as well as some sample data with which the reader can interact.
I absolutely would put this book at the top of the reading list for anyone about to deploy a honeynet. It might be a little too advanced for someone without a basic understanding of what a honeypot or honeynet is, but the book provides a wealth of information and is an excellent reference for anyone thinking about planning and deploying a honeynet.
______________________
White Paper
Fabric-Based Computing Enables Optimized Hyperscale Data Centers
Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- New Products
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Home, My Backup Data Center
- RSS Feeds
- Trying to Tame the Tablet
- New Products
- What's the tweeting protocol?
- Validate an E-Mail Address with PHP, the Right Way
- Drupal is an Awesome CMS and a Crappy development framework
2 hours 12 min ago - IT industry leaders
4 hours 34 min ago - Reply to comment | Linux Journal
21 hours 22 min ago - Reply to comment | Linux Journal
23 hours 55 min ago - Reply to comment | Linux Journal
1 day 1 hour ago - great post
1 day 1 hour ago - Google Docs
1 day 2 hours ago - Reply to comment | Linux Journal
1 day 6 hours ago - Reply to comment | Linux Journal
1 day 7 hours ago - Web Hosting IQ
1 day 9 hours ago
Enter to Win an Adafruit Prototyping Pi Plate Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Prototyping Pi Plate Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- Next winner announced on 5-21-13!
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.
Developer Poll
Comments
Recommended for anyone in security
They have completely re-written the first edition, using authors who are experts on their material...and it shows. Nice work!