Client-Honeypots

This book introduces a new weapon in computer warfare which helps to collect more information about malicious websites, client-side exploits, attackers, and their proceeding. Client honeypots are a new technique to study malware that targets user client applications, like web browsers, email clients, or instant messengers. We introduce some of the more well-known client honeypots, how they work, and how they can be used to secure a computer network. Furthermore, the authors show a few of the most frequently used client application exploits and how they can be examined to get more information about the underground economy.

Autorentext

Jan Göbel is a Ph.D. student at the Laboratory for Dependable Distributed Systems at the University of Mannheim, Germany. He developed the low-interaction server honeypot Amun and the bot detection software Rishi. He also implemented the high-interaction client honeypot prototype Ramsis. He is a member of the German Honeynet Project and one of the founders of Pi-One, a German security company. Currently, his work focusses on spam detection, bots/botnets, honeypots, and malware in general. He regularly blogs at http://zeroq.kulando.de.