Building Open Source Network Security Tools: Components and Techniques

Author - Mike Schiffman ... [Goo?] [Posters]

This Paperback Book item from Wiley was reviewed on 4-Jun-2008.

Search ISBN:0471205443 offer from Abebooks or used books from Alibris. Building Open Source Network Security Tools: Components and Techniques Reference Book. Classifications : Encryption Security & Encryption Web Development Computers & Internet Subjects Books Network Security Networking Computers & Internet Subjects Books Networks Networks, Protocols & APIs Networking Comp . Click the following link to view the cover of Building Open Source Network Security Tools: Components and Techniques.

Related topics: Encryption. Web Development. Subjects. Books. Network Security. Networking. Subjects. Books. Networks. Networking.

1) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. Books on hacking, cracking, exploiting, and breaking software seem to get all of the attention in the security world. However, we need more works like Mike Schiffman´s ´Building Open Source Network Security Tools´ (BOSNST). I regret having waited so long to read BOSNST, but I´m glad I did. Schiffman´s book is for people who want to build, not break, software, and the way he describes how to create tools is enlightening.

The major theme I captured from BOSNST was the importance of creating useful code libraries. Six of the book´s 12 chapters focus on libraries which provide functions for application programmers. While not all have gained the same amount of fame or use, the author´s approach remains sound. Libraries are the building blocks around which numerous tools can and should be built.

This theme helped me understand the evolution of RFP´s Whisker CGI scanner, released in Oct 1999 and deprecated in May 2003. Whisker lives on as a library, Libwhisker, in the Nikto Web server scanner. Similarly, Schiffman´s chapter on Libsf mentions the utility of creating a library offering the functionality of the popular Nmap scanning tool. (Unfortunately, I haven´t seen progress on this. Nmap author Fyodor last mentioned ´Libnmap´ in his 2003 Nmap features survey, and it´s not apparent in the tool´s latest version.)

I found the six library chapters to be helpful. Some of the code has stagnated since 2002 (Libnids, Libsf), while some has continued to evolve (Libpcap, Libdnet, OpenSSL). Schiffman provides good explanations of buffer overflow and format string attacks in ch 10, and I thought his state machine-based port scan detector (Descry) in ch 11 was innovative.

One of the strongest sections of BOSNST is ch 12, where the author provides a 25-page code walkthrough of his Firewalk tool. This chapter is the model for anyone seeking to explain tool internals. Schiffman offers flowcharts, context charts, and explanations of code snippets. He doesn´t simply dump page after page of C code in front of the reader. (Most chapters of BOSNST do conclude with the full source code for sample tools, however.)

I have no real complaints with BOSNST. I found minor errors in two diagrams (p 220, 223 should show the SYN/ACK or RST reply coming from the target, not to the target). Schiffman´s writing style is clear and engaging, which makes a difference when explaining functions in code.

Those who want to learn how to assemble their security expertise in the form code libraries should read BOSNST. Those who wish to use the libraries found in the book, or those with similar functionality, should also read BOSNST. I look forward to Schiffman´s next book, where hopefully he will finally update his biography to say ´AFIWC´ (for ´Air Force Information Warfare Center´) instead of ´AFWIC´ (aka the UN´s ´AFrican Women In Crisis´ program).¤

2) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. Very well structured book with clear examples. Serves good as a reference and starting point for network programers. Highly recommended book.¤

3) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.¤

4) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.¤

5) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. If you don´t read the man pages then this book is for you. After reading the glowing reviews I went out to purchase this book. I am extermely dissappointed. The lion-share of the book is merely API description. There are some neat examples in every chapter, but they are available on the internet... The end chapters of the book are well written concise summaries of known techniques and concepts (possibly the only redeeming component of the book)
After using libnet I was expecting something great from the man who wrote such an awesome library. Experienced programmers should use the man pages. If you´re new to information security topics then you might find this book useful.
A newbie would be well served by this book.¤

6) Paperback Book Building Open Source Network Security Tools: Components and Techniques by Wiley. Learn how to protect your network with this guide to building complete and fully functional network security tools

Although open source network security tools come in all shapes and sizes, a company will eventually discover that these tools are lacking in some area—whether it´s additional functionality, a specific feature, or a narrower scope.

Written by security expert Mike Schiffman, this comprehensive book will show you how to build your own network security tools that meet the needs of your company. To accomplish this, you´ll first learn about the Network Security Tool Paradigm in addition to currently available components including libpcap, libnet, libnids, libsf, libdnet, and OpenSSL. Schiffman offers a detailed discussion of these components, helping you gain a better understanding of the native datatypes and exported functions. Next, you´ll find several key techniques that are built from the components as well as easy-to-parse programming examples. The book then ties the model, code, and concepts together, explaining how you can use this information to craft intricate and robust security programs. Schiffman provides you with cost-effective, time-saving guidance on how to build customized network security tools using existing components. He explores:

• A multilayered model for describing network security tools
• The ins and outs of several specific security-related components
• How to combine these components into several useful network security techniques
• Four different classifications for network security tools: passive reconnaissance, active reconnaissance, attack and penetration, and defensive

How to combine techniques to build customized network security tools
The companion Web site contains all of the code from the book.¤

Page Updated: Robert N. Goolsby, 2-Jul-2008, 0471205443723812205448, 450-3X0-430-120-490-411-8

Building Open Source Network Security Tools: Components and Techniques, Book, Image © Wiley

Search: Wiley, Book Posters, Book Art