Honeypots for Windows (Books for Professionals by Professionals)
| ||||||||||||
| ||||||||||||
| | |||||
This chapter covered the structured approach to honeypot analysis. It reviewed all the different ways to examine honeypot data, including analyzing network traffic, changes to the file system, and changes to the OS. There are hundreds of useful forensic utilities to help make the job easier.
Chapter 12 will finish the book by discussing malware code disassembly.
| | |||||