Index

[A] [B] [C] [D] [E] [F] [G] [H] [I] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

C&C (Command and Control) server
     Agobot and variants using
     in botnet case studies
     in CWSandbox analysis reports 2nd
     defending against bots
     defined
     setting up botnets with
Call tree, CWSandbox analysis report
Capture logs, Tiny Honeypot
CD-keys, bots stealing
CD-ROMs
     Honeywall installation
     installing OS on virtual honeypots 2nd
Chats
chroot jails
ClamAV
     CWSandbox analysis report 2nd
     detecting malicious web pages
     SpyBye using
cleanup_module( ), disabling Sebek with
Client-side honeypots
     active vs. passive
    client-side threats and [See Client-side threats.]
     detecting rootkits or Trojan horses
    high-interaction [See High-interaction client honeypots.]
     low-interaction, finding malicious websites
     low-interaction, HoneyC
     overview of
     Pezzonavante
     research on
     SiteAdvisor
     SpyBye
     studying spyware on Internet
Client-side threats
     client-side honeypots for
     exploited Internet Explorer vulnerabilities
     MS04-040
     other types of
Clone attacks
Clone command
Codbot
Code analysis, of malicious software
Code injection, DLL 2nd
Code Red
Collapsar
     architecture
     live testing of
     Potemkin vs.
     research summary of
Command and Control server [See C&C (Command and Control) server.]
Command-line flags [See Runtime flags, command-line.]
Command line flags, nepenthes
Command redirection, nepenthes 2nd
Commands
     Argos control socket
     botnet setup
     Kebes
Commercial off-the-shelf (COTS) computer
Congestion control, TCP
Connecting limiting
Connection monitors, Honeytrap
Connections, Honeyd packet logs
Containment policies
     minimizing attacks on third-party systems
     Potemkin 2nd
Control socket, Argos
Control structure, botnets
Copy On Write [See COW (copy-on-write).]
Correlation module, Collapsar
COTS (commercial off-the-shelf) computer
COW (copy-on-write)
     Potemkin using
     UML using
     virtual high-interaction honeynet with
Crawling engines 2nd
Create command 2nd
Crypt layer, Kebes
Crypters
CSend
Curl command
Cursor format (.ANI files) vulnerability
Custom mode, VMware
cwmonitor.dll
CWSandbox
     analysis of Haxdoor
     analysis of lightweight IDS based on nepenthes
     API hooking
     architecture
     behavior analysis
     code analysis and
     code injection
     example analysis report
     large-scale analysis
     overview of
     results of
     system description
cwsandbox.exe
Cyberdefense exercise, with Honeyd
-d runtime flag, Honeyd