Monday, November 12, 2007
Great Papers from Honeynet Project
If you haven't seen them yet, Know Your Enemy: Behind the Scenes of Malicious Web Servers and Know Your Enemy: Malicious Web Servers are two great papers by the Honeynet Project. You might want to see Web Server Botnets and Server Farms as Attack Platforms by Gadi Evron as background. You'll notice people like e0n are using NSM to combat bots. I have not seen any IRC-controlled SIP/VoIP attack bots and botnets yet. If you think your IPS will save you against bots, keep in mind the time it takes to update some of them. I also recommend reading The World's Biggest Botnets by Kelly Jackson Higgins.