Building Open Source Network Security Tools: Components and Techniques

Although open source network security tools come in all shapes and sizes, a company will eventually discover that these tools are lacking in some area—whether it's additional functionality, a specific feature, or a narrower scope.

Written by security expert Mike Schiffman, this comprehensive book will show you how to build your own network security tools that meet the needs of your company. To accomplish this, you'll first learn about the Network Security Tool Paradigm in addition to currently available components including libpcap, libnet, libnids, libsf, libdnet, and OpenSSL. Schiffman offers a detailed discussion of these components, helping you gain a better understanding of the native datatypes and exported functions. Next, you'll find several key techniques that are built from the components as well as easy-to-parse programming examples. The book then ties the model, code, and concepts together, explaining how you can use this information to craft intricate and robust security programs. Schiffman provides you with cost-effective, time-saving guidance on how to build customized network security tools using existing components. He explores:

• A multilayered model for describing network security tools
• The ins and outs of several specific security-related components
• How to combine these components into several useful network security techniques
• Four different classifications for network security tools: passive reconnaissance, active reconnaissance, attack and penetration, and defensive

How to combine techniques to build customized network security tools
The companion Web site contains all of the code from the book.