Nessus, Snort, and Ethereal Power Tools: Customizing Open Source Security Applications
Elsevier, Sep 14, 2005 - Computers - 400 pages
Nessus, Snort, and Ethereal Power Tools covers customizing Snort to perform intrusion detection and prevention; Nessus to analyze the network layer for vulnerabilities; and Ethereal to sniff the network for malicious or unusual traffic. The book contains an appendix detailing the best of the rest of the open source security tools. Each of these tools is intentionally designed to be highly customizable so that users can torque the programs to suit their particular needs. Users can code their own custom rules, plug-ins, and filters that are tailor-made to fit their own networks and the threats they most commonly face. The book describes the most important concepts of coding and customizing tools, and then provides readers with working scripts that can either be used as is or further refined using knowledge gained from the book.
Analyzing GetFileVersion and MySQL Passwordless Test
Automating the Creation of NASLs
The Inner Workings of Snort
Plugins and Preprocessors
Page xi - ... He also promotes an inclusive, positive security philosophy for companies, which encourages communicating the merits and reasons for security policies, rather than educating only on what the policies forbid. Josh is an expert in open-source security applications such as Snort, Ethereal, and Nessus. His research interests include improving the security and resilience of the Domain Name System (DNS) and the Network Time Protocol (NTP). He also enjoys reading about the mathematics and history of...