Rating: 
Summary: An original, motivational computer security book
Review: During the 1990s, publishers printed a handful of computer security books per year. Now dozens appear each month, all competing for our limited time and shelf space. Of these "new" books, hardly any offer original, innovative material. Thankfully, Lance Spitzner's "Honeypots" breaks this trend. His is the only book devoted to honeypot technologies, and it will both motivate and inform any reader.
"Honeypots" is one-stop-shopping for the world of blackhat deception and observation. Spitzner gets the reader up to speed on commercial and free honeypot technologies, then effectively argues how these tools fit within the enterprise's security infrastructure. He concludes with explanations of how to configure, deploy, and operate a variety of honeypots.
"Honeypots" shines with good material, like the honeypot history in chapter 3, the explanation of GenI and GenII honeynets in chapter 11, and the all-star legal discussion in chapter 15. Spitzner also demonstrates his understanding of subtle but critical security engineering concepts, such as learning by analyzing failure (p. 8) and studying second-order effects when first-order events are tough to detect (chapter 4).
I have two minor critiques. First, the text could have been a bit more concise. Second, it's best not to confuse people by calling the "link" layer by the name "layer 1" and the network layer as "layer 2" (p. 149). Stevens and others do show the TCP/IP model as link - network - transport - application. However, network engineers usually think of "layer 2" as the data link layer and "layer 3" as the network layer.
I was a big fan of the HoneyNet Project's book, minus the 150 pages of IRC logs. I think all security-minded readers will find the entire "Honeypots" book exciting. I rarely find security books that rally me to join a cause, but Spitzner's is an exception.
Rating:
Summary: An original, motivational computer security book
Review: During the 1990s, publishers printed a handful of computer security books per year. Now dozens appear each month, all competing for our limited time and shelf space. Of these "new" books, hardly any offer original, innovative material. Thankfully, Lance Spitzner's "Honeypots" breaks this trend. His is the only book devoted to honeypot technologies, and it will both motivate and inform any reader.
"Honeypots" is one-stop-shopping for the world of blackhat deception and observation. Spitzner gets the reader up to speed on commercial and free honeypot technologies, then effectively argues how these tools fit within the enterprise's security infrastructure. He concludes with explanations of how to configure, deploy, and operate a variety of honeypots.
"Honeypots" shines with good material, like the honeypot history in chapter 3, the explanation of GenI and GenII honeynets in chapter 11, and the all-star legal discussion in chapter 15. Spitzner also demonstrates his understanding of subtle but critical security engineering concepts, such as learning by analyzing failure (p. 8) and studying second-order effects when first-order events are tough to detect (chapter 4).
I have two minor critiques. First, the text could have been a bit more concise. Second, it's best not to confuse people by calling the "link" layer by the name "layer 1" and the network layer as "layer 2" (p. 149). Stevens and others do show the TCP/IP model as link - network - transport - application. However, network engineers usually think of "layer 2" as the data link layer and "layer 3" as the network layer.
I was a big fan of the HoneyNet Project's book, minus the 150 pages of IRC logs. I think all security-minded readers will find the entire "Honeypots" book exciting. I rarely find security books that rally me to join a cause, but Spitzner's is an exception.
Rating:
Summary: great introduction and reference on honeypots
Review: Honeypots is an excellent introduction to the subject of honeypots, useful as a reference for experts as well as for beginners to the subject. It is written very clearly and provides step-by-step instructions with plenty of examples and screenshots. It covers commercial, open source, and do-it-yourself solutions, from very simple low-interaction detection honeypots to very high-interaction research honeypots. A CD-ROM is included with software and example data collected by honeypots. One defect is a fairly large number of typos.
Rating:
Summary: great introduction and reference on honeypots
Review: Honeypots is an excellent introduction to the subject of honeypots, useful as a reference for experts as well as for beginners to the subject. It is written very clearly and provides step-by-step instructions with plenty of examples and screenshots. It covers commercial, open source, and do-it-yourself solutions, from very simple low-interaction detection honeypots to very high-interaction research honeypots. A CD-ROM is included with software and example data collected by honeypots. One defect is a fairly large number of typos.
Rating:
Summary: For anyone invested with cyber security responsibilities
Review: Honeypots: Tracking Hackers By Lance Spitzner (Senior Security Architect for Sun Microsystems, Inc.) is an advanced computer science text to understanding and making use of "honeypots" (technological systems specifically designed to be compromised by online attackers) as burglar alarms, incident response systems, or tools for gathering information about hackers in order to better guard the security of one's compter data. Technical know-how, advanced theory, guidance from three legal experts, and more fill the pages of this excellent and very strongly recommended resource for anyone invested with cyber security responsibilities. An accompanying CD-ROM contains white papers, source code, and data captures of real attacks to facilitate the deployment of honeypot solutions to serious computer problems.
Rating:
Summary: For anyone invested with cyber security responsibilities
Review: Honeypots: Tracking Hackers By Lance Spitzner (Senior Security Architect for Sun Microsystems, Inc.) is an advanced computer science text to understanding and making use of "honeypots" (technological systems specifically designed to be compromised by online attackers) as burglar alarms, incident response systems, or tools for gathering information about hackers in order to better guard the security of one's compter data. Technical know-how, advanced theory, guidance from three legal experts, and more fill the pages of this excellent and very strongly recommended resource for anyone invested with cyber security responsibilities. An accompanying CD-ROM contains white papers, source code, and data captures of real attacks to facilitate the deployment of honeypot solutions to serious computer problems.
Rating:
Summary: The Only One
Review: I just read this book and am really impressed. It is not worse or better than other similar books. It is just the only serious book around.(on these issues). Perhaps you could compare it with 'Know your Enemy' (KyE) but then 'Tracking Hackers' would win hands down. After all, about the same content of KyE can be found in the pages of 'The Honeynet Project'. Of course KyE is more concise and organized (than the site), easier to use for understanding Honeynets, and several original attacks are discussed in the book. A good book indeed.
However, HTH is very special, because for the first time there is an extensive discussion about Honeypots, in a unique document (book). And it is very well written. From beginners to experts everybody will enjoy the book. Every single detail is clearly and patiently explained and fitted in the honeypots puzzle. The case studies are clever and representative. The Honeypots are classified according their level of interaction, and treated following the same sequence: BOF, Specter, Honeyd, Man Trap, and 'Home Made' Honeypots (including Jailed Environments) are thoroughly analyzed. Even Honeynets are discussed, and an significative case study is used to 'put all together'.
As a bonus the related 'legal issues' are also discussed (new to me).
At the bottom line it is an excellent book not only for reading (beginners and intermediates), but also for being used by experts as a reference in Security Courses (just what I am planning to do).
Rating: 
Summary: Great Overview
Review: I thought this was a great overview of the Honeypot and Honeynet mechanisms. In my role as a system artchitect I could probably benefit more from the lessons learned out of specific Honeynet deployments than in how to build and instantiate one myself. But the thought processes one goes through in the deployment of such a mechanism and the tracking of "hackers" was extremely informative. I would recommend this book for IT professionals, especially ones in charge of large system deployments, although I think most IT security professionals would find this book too much of a review.
Rating:
Summary: Great Overview
Review: I thought this was a great overview of the Honeypot and Honeynet mechanisms. In my role as a system artchitect I could probably benefit more from the lessons learned out of specific Honeynet deployments than in how to build and instantiate one myself. But the thought processes one goes through in the deployment of such a mechanism and the tracking of "hackers" was extremely informative. I would recommend this book for IT professionals, especially ones in charge of large system deployments, although I think most IT security professionals would find this book too much of a review.
Rating:
Summary: A great book!
Review: I've been watching Lance and the honeynet guys' progress since they started and I think they're one of the leading lights in the security field right now. This is a well-written and interesting book with lots of crunchy technical stuff! A+!
|
