The Bottom Line
This book provides valuable information. However, some of the stuff is repetitive and there are 100 or so pages of IRC chat transcript that provide no real value. Overall, a good book worth reading.
Pros
- Detailed discussion of the Honeynet Project
- Valuable insight into current attack techniques
- CDROM includes useful tools and utilities
Cons
- IRC chat transcript is mostly useless filler
- Some information is redundant
Description
- Part 1 provides an overview of honeypots and The Honeynet Project and the purpose of setting it up.
- Part 2 discusses the analysis of collected data and how to extract the useful information
- Part 3 covers the "Enemy" and delves into the motives and tactics of attackers
- The appendix provides an introduction to configuring Snort- a well-known,open-source IDS
- The included CDROM contains tools and utilities you can use to set up your own honeypot
Guide Review - Book Review: Know Your Enemy
The Honeynet Project was created by a team of security researchers as a tool for monitoring hackers and learning more about how attacks are performed, what tools are used, etc.
The book discusses the theory of honeypots and purpose of The Honeynet Project. The book is not too techie and will provide you the knowledge and tools you need to set up your own honeypot if you choose.
The IRC chat transcript included provides some insight into the underground and what goes on there, but the majority of the 100 or so pages is just inane filler and provides no real value.
Nevertheless, this book has tons of valuable information and good insight into the motives, tools and techniques of the Blackhat community.
