Nessus, Snort, and Ethereal Power Tools
Customizing Open Source Security Applications
Neil Archibald, Gilbert Ramirez, Noam Rathaus - Series: Jay Beale's Open Source Security Series
Summary
If you have Nessus, Snort, and Ethereal up and running and now you're ready to customize, code, and torque these tools to their fullest potential, then this book is for you. The authors of this book provide the inside scoop on coding the most effective and efficient Snort rules, Nessus plug-ins with NASL, and Ethereal wiretap, dissector, and tap modules. After reading this book, you will be a master at coding your own tools to detect malicious traffic, scan for vulnerabilities, and capture only the packets YOU really care about. Each section also contains dozens of working code examples available for download from www.syngress.com/solutions.
Nessus Power Tools
- Create Extensions and Custom Tests: Customize NASL and extend the capabilities of Nessus using Include Files; Process Launching and Results Analysis; and the Nessus Knowledge Base.
- Debug Newly Created or Existing NASLs: Use the command-line interpreter or the Nessus daemon to test the validity of code and vulnerability tests.
- Automate NASL Creation: Automate and simplify creation of complex NASLs using Plugin Templates, Perl's CGI Module, and XML Parsing.
Snort Power Tools
- Create Custom Rules: Write, test, and optimize advanced rules to work on even the most complex traffic.
- Master Plugins and Preprocessors: Write detection plugins, output plugins, and preprocessors to optimize speed and efficiency of rules.
- Patch Snort to Enhance and Customize Performance: Use Snort AV (Active Verification) to reduce false positives and Snort-Wireless to provide layer 2 Wireless IDS functionality.
Ethereal Power Tools
- Enable Ethereal to Read New Data Sources: Use libpcap to capture packets, text2pcap to convert from hex dumps to the pcap format, and techniques for reverse engineering an undocumented packet capture file format and writing a wiretap module.
- Program Your Own Protocol Dissector: Set up and program advanced dissectors either linked into Ethereal or as a plugin.
- Create and Customize Ethereal Reports: Unlock the power of Ethereal by reporting with a line-mode tap module; a GUI tap module; grep and awk commands; and Python programs to parse tethereal's verbose output and the PDML (XML) output of tethereal.
About the author - Gilbert Ramirez
Gilbert Ramirez was the first contributor to Ethereal after it was announced to the public and is known for his regular updates to the product. He has contributed protocol dissectors as well as core logic to Ethereal. He is a systems engineer at a large company with network-related products, where he works on tools and software build systems. Gilbert is a family man, a want-to-be chef, and a student of tae kwon do. His degree is in linguistics, but his first love is programming computers, which he has been doing since childhood.
Table of contents
- Nessus Tools
- The Inner Workings of NASL (Nessus Attack Scripting Language)
- Debugging NASLs
- Extensions and Custom Tests
- Understanding the Extended Capabilities of the Nessus Environment
- Analyzing GetFileVersion and MySQL Passwordless Test
- Automating the Creation of NASLs
- Snort Tools
- The Inner Workings of Snort
- Snort Rules
- Plugins and Preprocessors
- Modifying Snort
- Ethereal Tools
- Capture File Formats
- Protocol Dissectors
- Reporting from Ethereal
- A. Host Integrity Monitoring Using Osiris and Samhain
Technical specifications
Paper | |
Publisher(s) | Syngress |
Author(s) | Neil Archibald, Gilbert Ramirez, Noam Rathaus |
Series | Jay Beale's Open Source Security Series |
Publication date | 22/09/2005 |
Number of pages | 450 |
Format | 18 x 23 |
Cover | Paperback |
Weight | 745g |
Interior | Black and white |
EAN13 | 9781597490207 |
ISBN13 | 978-1-59749-020-7 |