Botnets

The Killer Web Applications

  • Anthony Bradley
  • Michael Cross, Computer Forensic Analyst with the Niagara Regional Police Service, Canada
  • Gadi Evron, Former Internet Security Operations Manager for the Israeli government, Founder of the Israeli government's Computer Emergency Response Team
  • David Harley, David Harley has been researching and writing about malicious software and other security issues since the end of the 1980s. From 2001 to 2006 he worked in the UK's National Health Service as a National Infrastructure Security Manager, where he specialized in the management of malicious software and all forms of email abuse, as well as running the Threat Assessment Centre, and has worked since as an independent author and consultant for Small Blue-Green World. He joined ESET's Research team in January 2008. He was co-author of Viruses Revealed (McGraw-Hill) and lead author and technical editor of The AVIEN Malware Defense Guide for the Enterprise (Syngress), as well as a contributor to Botnets: the Killer Web App (Syngress). He has contributed chapters to many other books on security and education for publishers such as Wiley, Pearson and Vieweg, as well as a multitude of specialist articles and conference papers. In his copious free time he is Chief Operations Officer for AVIEN (the Anti-Virus Information Exchange Network) and administers the MAC Virus web site.
  • Chris Ries, Security Research Engineer for VigilantMinds Inc.
  • Carsten Willems

By

  • Craig Schiller, CISO for Portland State University and President of Hawkeye Security Training, LLC
  • James Binkley, Teacher, network engineer, and researcher, Portland State University, USA

The book begins with real-world cases of botnet attacks to underscore the need for action. Next, the book explains botnet fundamentals using real-world examples. These chapters cover what botnets are, how they operate, and the environment and technology that make them possible. The following chapters analyze botnets for opportunities to detect, track, and remove them. The book then describes intelligence-gathering efforts and the results obtained to date. Public domain tools like OurMon, developed by Jim Binkley of Portland State University, are described in detail, along with discussions of other tools and resources that are useful in the fight against botnets.

Audience

Information security officers, network administrators, system administrators, incident response teams, security researchers, law enforcement, and security/network software developers are the primary audience for this book. The secondary audience includes CIOs and IT managers and directors who are being questioned by board members and executives about this new threat.

 

Book information

  • Published: February 2007
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-135-8


Table of Contents

  • Botnets: A Call to Action
  • Botnets Overview
  • Alternative Botnet C&Cs
  • Common Botnets
  • Botnet Detection: Tools and Techniques
  • Ourmon: Overview and Installation
  • Ourmon: Anomaly Detection Tools
  • IRC and Botnets
  • Advanced Ourmon Techniques
  • Using Sandbox Tools for Botnets
  • Intelligence Resources
  • Responding to Botnets