Verfügbarkeit: Client-Honeypots

Client-Honeypots: exploring malicious websites

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Göbel, Jan Gerrit 1979- (VerfasserIn), Dewald, Andreas (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	München Oldenbourg 2011
Schlagworte:	Softwareschwachstelle Malware Honeypot Client Website Exploit
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	XIX, 214 S. Ill., graph. Darst.
ISBN:	9783486705263

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV039102993
003	DE-604
005	20110819
007	t
008	110627s2011 gw ad\|\| \|\|\|\| 00\|\|\| eng d
015			\|a 11,N01 \|2 dnb
016	7		\|a 1008772003 \|2 DE-101
020			\|a 9783486705263 \|c Pb. : ca. EUR 69.80 (DE) \|9 978-3-486-70526-3
024	3		\|a 9783486705263
035			\|a (OCoLC)724748727
035			\|a (DE-599)DNB1008772003
040			\|a DE-604 \|b ger \|e rakddb
041	0		\|a eng
044			\|a gw \|c XA-DE-BY
049			\|a DE-634 \|a DE-92 \|a DE-20
082	0		\|a 005.84 \|2 22/ger
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
084			\|a 004 \|2 sdnb
100	1		\|a Göbel, Jan Gerrit \|d 1979- \|e Verfasser \|0 (DE-588)1011975548 \|4 aut
245	1	0	\|a Client-Honeypots \|b exploring malicious websites \|c by Jan Gerrit Göbel and Andreas Dewald
264		1	\|a München \|b Oldenbourg \|c 2011
300			\|a XIX, 214 S. \|b Ill., graph. Darst.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650	0	7	\|a Softwareschwachstelle \|0 (DE-588)4752508-3 \|2 gnd \|9 rswk-swf
650	0	7	\|a Malware \|0 (DE-588)4687059-3 \|2 gnd \|9 rswk-swf
650	0	7	\|a Honeypot \|0 (DE-588)1024872505 \|2 gnd \|9 rswk-swf
650	0	7	\|a Client \|0 (DE-588)4520996-0 \|2 gnd \|9 rswk-swf
650	0	7	\|a Website \|0 (DE-588)4596172-4 \|2 gnd \|9 rswk-swf
650	0	7	\|a Exploit \|0 (DE-588)4752509-5 \|2 gnd \|9 rswk-swf
689	0	0	\|a Website \|0 (DE-588)4596172-4 \|D s
689	0	1	\|a Malware \|0 (DE-588)4687059-3 \|D s
689	0	2	\|a Honeypot \|0 (DE-588)1024872505 \|D s
689	0	3	\|a Client \|0 (DE-588)4520996-0 \|D s
689	0	4	\|a Exploit \|0 (DE-588)4752509-5 \|D s
689	0	5	\|a Softwareschwachstelle \|0 (DE-588)4752508-3 \|D s
689	0		\|5 DE-604
700	1		\|a Dewald, Andreas \|e Verfasser \|4 aut
856	4	2	\|m DNB Datenaustausch \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=022646891&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-022646891

Datensatz im Suchindex

_version_	1804145813006319616
adam_text	IMAGE 1 CONTENTS FOREWORD V LIST OF FIGURES XI LIST OF TABLES XV LISTINGS XVII 1 INTRODUCTION 1 1.1 MOTIVATION 2 1.2 OUTLINE 3 1.3 ABOUT THE AUTHORS 5 1.4 ACKNOWLEDGEMENTS 6 2 HONEYPOT BASICS 7 2.1 HONEYPOT DEFINITION 8 2.2 LOW- AND HIGH-INTERACTION HONEYPOTS 8 2.3 CLIENT AND SERVER HONEYPOTS 11 2.4 HONEYNETS 13 2.5 RESEARCH AND PRODUCTION HONEYNETS 16 2.6 SUMMARY 16 3 AN INTRODUCTION T O CLIENT-SIDE EXPLOITS 19 3.1 MALICIOUS WEBSITE 2 0 3.1.1 HTML 2 0 3.1.2 JAVASCRIPT 21 3.2 JAVASCRIPT OBJECTS AND INHERITANCE 25 3.3 BUFFER OVERFLOW 26 3.3.1 HISTORICAL EXCURSION 2 6 3.3.2 STACK-BASED BUFFER OVERFLOWS 27 3.4 VULNERABLE CLIENT APPLICATIONS 33 3.4.1 MOTIVATION 34 3.4.2 EMAIL CLIENTS 34 3.4.3 WEB BROWSERS 37 3.4.4 DOCUMENT READERS 4 6 VII HTTP://D-NB.INFO/1008772003 IMAGE 2 CONTENTS 3.4.5 VIDEO PLAYERS 4 8 3.4.6 AUDIO PLAYERS 5 0 3.5 DIFFERENT CLIENT-SIDE EXPLOITS 5 0 3.5.1 ACTIVEX 51 3.5.2 CROSS-SITE SCRIPTING (XSS) 51 3.6 SUMMARY 52 4 PROTECTION AND ANALYSIS TOOLS 55 4.1 CLIENT-SIDE PROTECTION TOOLS 56 4.1.1 ADSANDBOX BROWSER HELPER OBJECT 56 4.1.2 NOSCRIPT FIREFOX EXTENSION 59 4.1.3 NOZZLE 61 4.1.4 MCAFEE SITEADVISOR 62 4.2 MALICIOUS CONTENT ANALYSIS TOOLS 65 4.2.1 FLASM - FLASH ASSEMBLER/DISASSEMBLER 65 4.2.2 FLASH DECOMPILER 67 4.2.3 PDF TOOLKIT 67 4.2.4 JS-UNPACK 7 2 4.2.5 WEPAWET 72 4.2.6 MALZILLA 7 6 4.2.7 PDF PARSER 78 4.2.8 ORIGAMI 82 4.3 SUMMARY 83 5 A SURVEY OF CURRENT CLIENT-SIDE HONEYPOTS 85 5.1 STRIDER HONEYMONKEY 86 5.2 HONEYCLIENT 87 5.3 CAPTURE-HPC 89 5.4 SHELIA 93 5.5 HONEYC 9 5 5.6 PHONEYC 98 5.7 MONKEY SPIDER 100 5.8 WEB-EXPLOIT FINDER 102 5.9 SPYBYE 105 5.10 U W SPYCRAWLER 106 5.11 RAMSIS 106 5.12 HONEYLM 108 5.13 ADSANDBOX CLIENT HONEYPOT 110 5.14 SUMMARY I L L VIII IMAGE 3 CONTENTS 6 COMPOSING A HONEYCLIENT-FRAMEWORK 115 6.1 INPUT FOR CLIENT-SIDE HONEYPOTS 116 6.1.1 SPAMTRAP URLS 117 6.1.2 GOOGLE TRENDS 118 6.1.3 URL BLACKLISTS 118 6.2 THE CHOICE O F A HONEYCLIENT 120 6.3 RESULT PROCESSING 120 6.4 SUMMARY 124 7 OPERATING SELECTED CLIENT-SIDE HONEYPOTS 125 7.1 CAPTURE-HPC 126 7.1.1 SOFTWARE REQUIREMENTS 126 7.1.2 MYSQL DATABASE SCHEMA 127 7.1.3 CAPTURE-HPC CONFIGURATION 128 7.1.4 CAPTURE-HPC OUTPUT 132 7.2 SHELIA 148 7.2.1 SOFTWARE REQUIREMENTS 148 7.2.2 RUNNING SHELIA 149 7.2.3 SHELIA OUTPUT 152 7.3 PHONEYC 157 7.3.1 SOFTWARE REQUIREMENTS 157 7.3.2 RUNNING PHONEYC 158 7.4 RAMSIS 160 7.4.1 SOFTWARE REQUIREMENTS 161 7.4.2 RUNNING RAMSIS 161 7.4.3 RAMSIS OUTPUT 162 7.5 ADSANDBOX 168 7.5.1 SOFTWARE REQUIREMENTS 168 7.5.2 RUNNING ADSANDBOX 168 7.5.3 ADSANDBOX OUTPUT 170 7.5.4 JAVASCRIPT DETECTION EXAMPLES 170 7.5.5 DETECTION O F COMMON EXPLOITS 179 7.6 SUMMARY 189 8 EPILOGUE 191 A APPENDIX 193 A.L PYTHON SCRIPTS 193 B APPENDIX 197 B.L VIRUSTOTAL RESULTS 197 I X IMAGE 4 CONTENTS LITERATURE 203 INDEX 211 X
any_adam_object	1
author	Göbel, Jan Gerrit 1979- Dewald, Andreas
author_GND	(DE-588)1011975548
author_facet	Göbel, Jan Gerrit 1979- Dewald, Andreas
author_role	aut aut
author_sort	Göbel, Jan Gerrit 1979-
author_variant	j g g jg jgg a d ad
building	Verbundindex
bvnumber	BV039102993
classification_rvk	ST 277
ctrlnum	(OCoLC)724748727 (DE-599)DNB1008772003
dewey-full	005.84
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.84
dewey-search	005.84
dewey-sort	15.84
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02016nam a2200517 c 4500</leader><controlfield tag="001">BV039102993</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20110819 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">110627s2011 gw ad\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">11,N01</subfield><subfield code="2">dnb</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">1008772003</subfield><subfield code="2">DE-101</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9783486705263</subfield><subfield code="c">Pb. : ca. EUR 69.80 (DE)</subfield><subfield code="9">978-3-486-70526-3</subfield></datafield><datafield tag="024" ind1="3" ind2=" "><subfield code="a">9783486705263</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)724748727</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DNB1008772003</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakddb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">gw</subfield><subfield code="c">XA-DE-BY</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-634</subfield><subfield code="a">DE-92</subfield><subfield code="a">DE-20</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.84</subfield><subfield code="2">22/ger</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">004</subfield><subfield code="2">sdnb</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Göbel, Jan Gerrit</subfield><subfield code="d">1979-</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1011975548</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Client-Honeypots</subfield><subfield code="b">exploring malicious websites</subfield><subfield code="c">by Jan Gerrit Göbel and Andreas Dewald</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">München</subfield><subfield code="b">Oldenbourg</subfield><subfield code="c">2011</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XIX, 214 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareschwachstelle</subfield><subfield code="0">(DE-588)4752508-3</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Malware</subfield><subfield code="0">(DE-588)4687059-3</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Honeypot</subfield><subfield code="0">(DE-588)1024872505</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Client</subfield><subfield code="0">(DE-588)4520996-0</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Website</subfield><subfield code="0">(DE-588)4596172-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Exploit</subfield><subfield code="0">(DE-588)4752509-5</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Website</subfield><subfield code="0">(DE-588)4596172-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Malware</subfield><subfield code="0">(DE-588)4687059-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Honeypot</subfield><subfield code="0">(DE-588)1024872505</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="3"><subfield code="a">Client</subfield><subfield code="0">(DE-588)4520996-0</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="4"><subfield code="a">Exploit</subfield><subfield code="0">(DE-588)4752509-5</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="5"><subfield code="a">Softwareschwachstelle</subfield><subfield code="0">(DE-588)4752508-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Dewald, Andreas</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">DNB Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=022646891&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-022646891</subfield></datafield></record></collection>
id	DE-604.BV039102993
illustrated	Illustrated
indexdate	2024-07-09T23:25:24Z
institution	BVB
isbn	9783486705263
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-022646891
oclc_num	724748727
open_access_boolean
owner	DE-634 DE-92 DE-20
owner_facet	DE-634 DE-92 DE-20
physical	XIX, 214 S. Ill., graph. Darst.
publishDate	2011
publishDateSearch	2011
publishDateSort	2011
publisher	Oldenbourg
record_format	marc
spelling	Göbel, Jan Gerrit 1979- Verfasser (DE-588)1011975548 aut Client-Honeypots exploring malicious websites by Jan Gerrit Göbel and Andreas Dewald München Oldenbourg 2011 XIX, 214 S. Ill., graph. Darst. txt rdacontent n rdamedia nc rdacarrier Softwareschwachstelle (DE-588)4752508-3 gnd rswk-swf Malware (DE-588)4687059-3 gnd rswk-swf Honeypot (DE-588)1024872505 gnd rswk-swf Client (DE-588)4520996-0 gnd rswk-swf Website (DE-588)4596172-4 gnd rswk-swf Exploit (DE-588)4752509-5 gnd rswk-swf Website (DE-588)4596172-4 s Malware (DE-588)4687059-3 s Honeypot (DE-588)1024872505 s Client (DE-588)4520996-0 s Exploit (DE-588)4752509-5 s Softwareschwachstelle (DE-588)4752508-3 s DE-604 Dewald, Andreas Verfasser aut DNB Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=022646891&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Göbel, Jan Gerrit 1979- Dewald, Andreas Client-Honeypots exploring malicious websites Softwareschwachstelle (DE-588)4752508-3 gnd Malware (DE-588)4687059-3 gnd Honeypot (DE-588)1024872505 gnd Client (DE-588)4520996-0 gnd Website (DE-588)4596172-4 gnd Exploit (DE-588)4752509-5 gnd
subject_GND	(DE-588)4752508-3 (DE-588)4687059-3 (DE-588)1024872505 (DE-588)4520996-0 (DE-588)4596172-4 (DE-588)4752509-5
title	Client-Honeypots exploring malicious websites
title_auth	Client-Honeypots exploring malicious websites
title_exact_search	Client-Honeypots exploring malicious websites
title_full	Client-Honeypots exploring malicious websites by Jan Gerrit Göbel and Andreas Dewald
title_fullStr	Client-Honeypots exploring malicious websites by Jan Gerrit Göbel and Andreas Dewald
title_full_unstemmed	Client-Honeypots exploring malicious websites by Jan Gerrit Göbel and Andreas Dewald
title_short	Client-Honeypots
title_sort	client honeypots exploring malicious websites
title_sub	exploring malicious websites
topic	Softwareschwachstelle (DE-588)4752508-3 gnd Malware (DE-588)4687059-3 gnd Honeypot (DE-588)1024872505 gnd Client (DE-588)4520996-0 gnd Website (DE-588)4596172-4 gnd Exploit (DE-588)4752509-5 gnd
topic_facet	Softwareschwachstelle Malware Honeypot Client Website Exploit
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=022646891&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT gobeljangerrit clienthoneypotsexploringmaliciouswebsites AT dewaldandreas clienthoneypotsexploringmaliciouswebsites

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge