The open source security scene needs more books like this | Building Open Source Network Security Tools: Components and Techniques | Mike Schiffman
 
 


Suche books:   



Building Open Source Network Security Tools: Components and Techniques
Mike Schiffman

Wiley, 2002 - 416 pages

average customer review:based on 24 reviews
view larger image
 for more information click here

   highly recommended  highly recommended






Excellent guide for the network administrator

This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.


Perfect Reference for Network Programers

Very well structured book with clear examples. Serves good as a reference and starting point for network programers. Highly recommended book.


 for more information click here


The open source security scene needs more books like this

Books on hacking, cracking, exploiting, and breaking software seem to get all of the attention in the security world. However, we need more works like Mike Schiffman's 'Building Open Source Network Security Tools' (BOSNST). I regret having waited so long to read BOSNST, but I'm glad I did. Schiffman's book is for people who want to build, not break, software, and the way he describes how to create tools is enlightening.

The major theme I captured from BOSNST was the importance of creating useful code libraries. Six of the book's 12 chapters focus on libraries which provide functions for application programmers. While not all have gained the same amount of fame or use, the author's approach remains sound. Libraries are the building blocks around which numerous tools can and should be built.

This theme helped me understand the evolution of RFP's Whisker CGI scanner, released in Oct 1999 and deprecated in May 2003. Whisker lives on as a library, Libwhisker, in the Nikto Web server scanner. Similarly, Schiffman's chapter on Libsf mentions the utility of creating a library offering the functionality of the popular Nmap scanning tool. (Unfortunately, I haven't seen progress on this. Nmap author Fyodor last mentioned 'Libnmap' in his 2003 Nmap features survey, and it's not apparent in the tool's latest version.)

I found the six library chapters to be helpful. Some of the code has stagnated since 2002 (Libnids, Libsf), while some has continued to evolve (Libpcap, Libdnet, OpenSSL). Schiffman provides good explanations of buffer overflow and format string attacks in ch 10, and I thought his state machine-based port scan detector (Descry) in ch 11 was innovative.

One of the strongest sections of BOSNST is ch 12, where the author provides a 25-page code walkthrough of his Firewalk tool. This chapter is the model for anyone seeking to explain tool internals. Schiffman offers flowcharts, context charts, and explanations of code snippets. He doesn't simply dump page after page of C code in front of the reader. (Most chapters of BOSNST do conclude with the full source code for sample tools, however.)

I have no real complaints with BOSNST. I found minor errors in two diagrams (p 220, 223 should show the SYN/ACK or RST reply coming from the target, not to the target). Schiffman's writing style is clear and engaging, which makes a difference when explaining functions in code.

Those who want to learn how to assemble their security expertise in the form code libraries should read BOSNST. Those who wish to use the libraries found in the book, or those with similar functionality, should also read BOSNST. I look forward to Schiffman's next book, where hopefully he will finally update his biography to say 'AFIWC' (for 'Air Force Information Warfare Center') instead of 'AFWIC' (aka the UN's 'AFrican Women In Crisis' program).


 for more information click here




 for more information click here


Excellent guide for the network administrator

This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.






Learn how to protect your network with this guide to building complete and fully functional network security tools

Although open source network security tools come in all shapes and sizes, a company will eventually discover that these tools are lacking in some area?whether it's additional functionality, a specific feature, or a narrower scope.

Written by security expert Mike Schiffman, this comprehensive book will show you how to build your own network security tools that meet the needs of your company. To accomplish this, you'll first learn about the Network Security Tool Paradigm in addition to currently available components including libpcap, libnet, libnids, libsf, libdnet, and OpenSSL. Schiffman offers a detailed discussion of these components, helping you gain a better understanding of the native datatypes and exported functions. Next, you'll find several key techniques that are built from the components as well as easy-to-parse programming examples. The book then ties the model, code, and concepts together, explaining how you can use this information to craft intricate and robust security programs. Schiffman provides you with cost-effective, time-saving guidance on how to build customized network security tools using existing components. He explores: A multilayered model for describing network security tools The ins and outs of several specific security-related components How to combine these components into several useful network security techniques Four different classifications for network security tools: passive reconnaissance, active reconnaissance, attack and penetration, and defensive

How to combine techniques to build customized network security tools
The companion Web site contains all of the code from the book.


 for more information click here



reviews: page 1, 2, 3, 4, 5



hot or not?    What's your opinion?     Write a review and share your thoughts!






recommendations

Security Books not on everyone else's security book list
Security that works, the help you need
Books for the Appropriately Paranoid
Information Security Reading Wall
Networking







   


techniques

The Animator's Survival Kit
How to Grill: The Complete Illustrated Book of Barbecue Techniques
Gift from the Sea
Second Sight
The Photoshop Elements 5 Book for Digital Photographers



components

Oxford Picture Dictionary Cassettes (Set of 3 Cassettes)
Bebop to the Boolean Boogie: An Unconventional Guide to Electronics ...
Repairing and Upgrading Your PC
Designing Component-Based Applications (Mps)
Delphi Component Design



building

The Five Dysfunctions of a Team: A Leadership Fable
The Three Signs of a Miserable Job: A Fable for Managers (And Their ...
Fundamentals of Building Construction: Materials and Methods
104 Activities That Build: Self-Esteem, Teamwork, Communication, ...
Building Construction Illustrated




search for books
building open, building, components, network, security, source, techniques, tools



Suche books:   


books
apparel
baby
beauty
books
camera photo
cell phones
classical music
computers
dvd
electronics
gourmet food
health personal care
kitchen
magazines
musical instruments
office products
outdoor living
computer video games
popular music
pet-supplies
software
sporting goods
tools hardware
toys-games
vhs
watches jewelry


* Flowers for London Flower Delivery UK by online florists

* London Wedding Photographer

randomly chosen


health & personal care: Sunpentown Automatic Herbal Medicine Cooker - Brown (3.4 Liter)


home  impressum - about us