REVIEW: "Network Security Tools", Nitesh Dhanjani/Justin Clarke
- BKNTSCTL.RVW 20051204
"Network Security Tools", Nitesh Dhanjani/Justin Clarke, 2005,
%A Nitesh Dhanjani
%A Justin Clarke
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%I O'Reilly & Associates, Inc.
%O U$34.95/C$48.95 800-998-9938 fax: 707-829-0104 nuts@...
%O Audience a- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P 324 p.
%T "Network Security Tools"
The preface states that the audience for the book is comprised of
anyone who wants to program their own vulnerability scanners, or
extend those already available. It assumes familiarity with six of
the major tools in that class, as well as Perl.
Chapter one deals with writing plug-ins for Nessus. It covers the
installation and quick use of the program, and then outlines the
Nessus Attack Scripting Language, including a few sample scripts. The
Ettercap network analyzer and its plug-ins (in the C language) are in
chapter two. (An overview of authentication for the ftp protocol is
provided in order to discuss looking for ftp passwords.) The Hydra
password sniffer (and SMTP authentication) is described in chapter
three, as well as the Nmap port scanner. Chapter four looks at
plug-ins (in Perl) for the Nikto Web scanner. The Metasploit
Framework generic exploit development platform is examined in chapter
five, which also has a brief explanation of stack overflows. Chapter
six discusses analysis of (mostly source) code for Web applications in
a search for vulnerabilities, reviewing the PMD Java analysis tool,
and reprinting pages of Java source code.
Part two turns to writing network security tools. Chapter seven is
primarily a tutorial on Linux kernel modules. Using Perl to write a
Web application scanner is in chapter eight. SQL injection, and
testing for error message responses, is examined in chapter nine.
Chapter ten covers the use of the libpcap library for producing
network sniffing utilities. Packet injection, using the libnet
library and AirJack device driver, is in chapter eleven.
While a lot of sample code is given in this text, ultimately it is
about using a bunch of tools. The examples and exploits are
interesting, and do provide an indication of limited types of testing
utilities that could be developed.
copyright Robert M. Slade, 2005 BKNTSCTL.RVW 20051204
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Once, when Sir Isaac Newton was asked how he made all of his
discoveries, he replied `If I have seen further than others, it
is by standing on the shoulders of giants.' Today, in the
programming field, we mostly stand on each other's feet.
- Richard Wesley Hamming
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade