Beschreibung
With the increasing resilience of operating systems towards automated attacks, the application layer has come into the focus of criminals. Specially prepared websites in the World Wide Web compromise visitors by exploiting vulnerabilities in web browsers, emails with attached files exploit common email applications, and embedded links in instant messenger or Twitter messages lead to malware contaminated sites. This book introduces a new weapon in computer warfare which helps to collect more information about malicious websites, client-side exploits, attackers, and their proceeding. Client honeypots are a new technique to study malware that targets user client applications, like web browsers, email clients, or instant messengers. We introduce some of the more well-known client honeypots, how they work, and how they can be used to secure a computer network. Furthermore, the authors show a few of the most frequently used client application exploits and how they can be examined to get more information about the underground economy.
Autorenportrait
Jan Göbel is a Ph.D. student at the Laboratory for Dependable Distributed Systems at the University of Mannheim, Germany. He developed the low-interaction server honeypot Amun and the bot detection software Rishi. He also implemented the high-interaction client honeypot prototype Ramsis. He is a member of the German Honeynet Project and one of the founders of Pi-One, a German security company. Currently, his work focusses on spam detection, bots/botnets, honeypots, and malware in general. He regularly blogs at http://zeroq.kulando.de.