Nessus, Snort, & Ethereal Power Tools: Customizing Open Source Security ApplicationsBy
- Brian Caswell, Snort.org webmaster, USA
- Jay Beale, Series Editor of the Jay Beale Open Source Security Series, lead developer of the Bastille project, Seattle, WA
- Gilbert Ramirez, Author, Snort 2.1 Intrusion Detection
- Noam Rathaus, Co-founder and CTO, Beyond Security, Israel, Microsoft Events Insider
This book will cover customizing Snort to perform intrusion detection and prevention; Nessus to analyze the network layer for vulnerabilities; and Ethereal to sniff their network for malicious or unusual traffic. The book will also contain an appendix detailing the best of the rest open source security tools. Each of these tools is intentionally designed to be highly customizable so that users can torque the programs to suit their particular needs. Users can code their own custom rules, plug-ins, and filters that are tailor-made to fit their own networks and the threats which they most commonly face. The book describes the most important concepts of coding and customizing tools, and then provides readers with invaluable working scripts that can either be used as is or further refined by using knowledge gained from the book.
Published: August 2005
- Part I: Nessus Tools; The Inner Workings of NASL; Debugging NASLs; Extensions and Custom Tests; Understanding the Extended Capabilities of the Nessus Environment; Analyzing GetFileVersion and MySQL Passwordless Test; Automating the Creation of NASLs; Part II: Snort Tools; The Inner Workings of Snort; Snort Rules; Plugins and Preprocessors; Modifying Snort; Part III: Etherial Tools; Capture file Formats; Protocol Dissectors; Reporting from Etherial; Appendix A Host Integrity Monitoring Using Osiris and Samhain