Talk About Network

Google


Register and Login
Nick
Password
Register create new account Sign up is FREE and you can post replies, new topics, bookmark posts and more!
Recover lost password


Books > Reviews 2 > REVIEW: "Networ...
Latest [ Topics | Posts ] Archive Post A New Topic Post a Reply
<< Topic < Post Post 1 of 1 Topic 217 of 253
 Post > Topic >>

REVIEW: "Network Security Tools", Nitesh Dhanjani/Justin Clarke

by "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade@[EMAIL PROTECTED] > Mar 21, 2006 at 10:48 AM

BKNTSCTL.RVW   20051204

"Network Security Tools", Nitesh Dhanjani/Justin Clarke, 2005,
0-596-00794-9, U$34.95/C$48.95
%A   Nitesh Dhanjani
%A   Justin Clarke
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   2005
%G   0-596-00794-9
%I   O'Reilly & Associates, Inc.
%O   U$34.95/C$48.95 800-998-9938 fax: 707-829-0104 nuts@[EMAIL PROTECTED]
  http://www.amazon.com/exec/obidos/ASIN/0596007949/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0596007949/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0596007949/robsladesin03-20
%O   Audience a- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P   324 p.
%T   "Network Security Tools"

The preface states that the audience for the book is comprised of
anyone who wants to program their own vulnerability scanners, or
extend those already available.  It assumes familiarity with six of
the major tools in that class, as well as Perl.

Chapter one deals with writing plug-ins for Nessus.  It covers the
installation and quick use of the program, and then outlines the
Nessus Attack Scripting Language, including a few sample scripts.  The
Ettercap network analyzer and its plug-ins (in the C language) are in
chapter two.  (An overview of authentication for the ftp protocol is
provided in order to discuss looking for ftp passwords.)  The Hydra
password sniffer (and SMTP authentication) is described in chapter
three, as well as the Nmap ****t scanner.  Chapter four looks at
plug-ins (in Perl) for the Nikto Web scanner.  The Metasploit
Framework generic exploit development platform is examined in chapter
five, which also has a brief explanation of stack overflows.  Chapter
six discusses analysis of (mostly source) code for Web applications in
a search for vulnerabilities, reviewing the PMD Java analysis tool,
and reprinting pages of Java source code.

Part two turns to writing network security tools.  Chapter seven is
primarily a tutorial on Linux kernel modules.  Using Perl to write a
Web application scanner is in chapter eight.  SQL injection, and
testing for error message responses, is examined in chapter nine. 
Chapter ten covers the use of the libpcap library for producing
network sniffing utilities.  Packet injection, using the libnet
library and AirJack device driver, is in chapter eleven.

While a lot of sample code is given in this text, ultimately it is
about using a bunch of tools.  The examples and exploits are
interesting, and do provide an indication of limited types of testing
utilities that could be developed.

copyright Robert M. Slade, 2005   BKNTSCTL.RVW   20051204


======================  (quote inserted randomly by Pegasus Mailer)
rslade@[EMAIL PROTECTED]
      slade@[EMAIL PROTECTED]
      rslade@[EMAIL PROTECTED]
 hath dared to wound thee?' cried the giant; `tell me, that I
may take my big sword and slay him.'
`Nay!' answered the child, `but these are wounds of love.'
                                  - `The Selfish Giant,' Oscar Wilde
http://victoria.tc.ca/techrev
   or    http://sun.soci.niu.edu/~rslade




 1 Posts in Topic:
REVIEW: "Network Security Tools", Nitesh Dhanjani/Justin Clarke
 "Rob, grandpa of Rya  2006-03-21 10:48:31 

Post A Reply:
  Go here to Signup

AddThis Feed Button


About - Advertising - Contact - Frequently Asked Questions - Privacy Policy - Terms of Use - Signup
Contact
tan12V112 Wed Aug 20 13:32:27 CDT 2008.