Network Security Tools: Writing, Hacking, and Modifying Security Tools Paperback – Apr 14 2005
|New from||Used from|
No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
"There are a number of books available from various sources discussing some of these issues and as usual it is an advantage to have several sources available when entering into a particular information security subfield. However, in terms of direct usability this is an excellent work that I don't hesitate to recommend." Information Security Bulletin, November 2005
About the Author
Nitesh Dhanjani is a well known security researcher, author, and speaker. Dhanjani is currently Senior Manager at a large consulting firm where he advises some of the largest corporations around the world on how to establish enterprise wide information security programs and solutions. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as cloud computing and virtualization.
Prior to his current job, Dhanjani was Senior Director of Application Security and Assessments at a major credit bureau where he spearheaded brand new security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & Threat Modeling, and managed the Attack & Penetration team.
Dhanjani is the author of "Network Security Tools: Writing, Hacking, and Modifying Security Tools" (O'Reilly) and "HackNotes: Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes: Network Security". Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.
Dhanjani graduated from Purdue University with both a Bachelors and Masters degree in Computer Science.
Dhanjani's personal blog is located at dhanjani.com.
Justin Clarke is a Director with Gotham Digital Science, based in the United Kingdom. He has many years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Justin is the co-author of Network Security Tools: Writing, Hacking, and Modifying Security Tools, a contributing author to Network Security Assessment: Know Your Network, 2nd Edition, and the lead author of SQL Injection Attacks and Defenses (Syngress) as well as having been invited to speak at a number of conferences on security topics, including Black Hat, EuSecWest, OSCON and RSA.
Justin is active in developing security tools for penetrating web applications, servers, and wireless networks and as a compulsive tinkerer he can't leave anything alone without at least trying to see how it works.
Most Helpful Customer Reviews on Amazon.com (beta)
Thus, the book is directed slightly more towards the network programmer than the network sysadmin. Though this is by no means a sharp demarcation, I hasten to add. In fact, you might be a sysadmin dissatisfied with running your current Intrusion Detection System package simply just out of the box. If so, try actively programming plug-ins using this book, to adapt the IDS to your actual network situation.
The book is divided into two main sections, modifying several popular tools like Nessus and Metasploit, and writing new tools for the Linux kernel and the network using libpcap and libnet. Written for the intermediate-level user, NST gets right to it in Chapter 1, diving right into writing plug-ins for Nessus. Because vulnerabilities appear every day and may differ on the network you're examining, you may have to write your own plug-in that someone else hasn't. Or you may want the fame and notoriety of writing these plug-ins quickly and accurately. Whatever your motivation, you'll learn how to use NASL to write your extension. While the license has recently changed for Nessus, the version that this book targets, 2.x, will always be GPL and available for you to use.
The existing tools covered in the book - Nessus, Ethereal, Ettercap, Metasploit, Nikto, Hydra. and PMD - are designed to be extended. They have a framework and often a rich API (or, in the case of Nessus, their own language) to allow you to write those extensions. Each of the chapters on these frameworks covers some of the same basic format, namely an overview of the tools, the framework, and then an example plug-in or extension. The quality of the chapters varies, presumably due to the natural differences in the authors' experiences. However, you'll learn something in each of them.
The second half of the book covers writing your own tools against four or five different landscapes. These are Linux kernel modules and kernel-level rootkits, web assessment tools (in Perl), an automated exploit tool, and sniffers and packet injection tools (using libpcap and libnet). The authors wisely show how to take a small tool, a recon scanner from Chapter 8, and extend it in Chapter 9 to make it an automated exploit tool. Pretty cool, and you wind up with a neat web-testing tool out of it. With some more work, you can make it a framework for any sort of web-based attack methodology. The authors use clear examples and a decent presentation style to deliver a quality set of chapters.
The same can be said for the two chapters on network tools, the sniffer and the packet injector. You'll build a simple ARP sniffer with pcap and libnet, and then move on to a simple SYN scanner and then a tool called 'Airjack', which i designed for a Linux environment. Again, clear code, and the authors do an effective tour of the process by which they build some simple, but representative, tools.
Overall I'm quite pleased with NST, I think the authors have delivered a concise, practical and valuable book on the subject. While there are several frameworks available for security tools, this the first single book on the subject of writing plug-ins and extensions for most of the main tools out there. While the authors are a bit skimpish at times on the material, due to space constraints or matters of expertise, they do a good job of showing clear examples that anyone can use. If you've been curious about extending existing security tools with your own code, this is probably the best single place to start.
Look for similar items by category
- Books > Business & Investing > Industries & Professions > E-commerce
- Books > Computers & Technology > Certification Central > Exams > Security+
- Books > Computers & Technology > Certification Central > Office
- Books > Computers & Technology > History & Culture > Privacy
- Books > Computers & Technology > Internet & Social Media > Hacking
- Books > Computers & Technology > Networking & Cloud Computing > Internet, Groupware, & Telecommunications
- Books > Computers & Technology > Networking & Cloud Computing > Intranets & Extranets
- Books > Computers & Technology > Networking & Cloud Computing > Network Security
- Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > LAN
- Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > Networks
- Books > Computers & Technology > Programming
- Books > Computers & Technology > Security & Encryption > Privacy & Online Safety
- Books > Textbooks > Computer Science & Information Systems > Computer Science
- Books > Textbooks > Computer Science & Information Systems > Networking