Network Security Tools
By Justin Clarke, Nitesh Dhanjani
Publisher: O'Reilly
Pub Date: April 2005
ISBN: 0-596-00794-9
Interpreter
Section 1.5 Hello World
Section 1.6 Datatypes and Variables
Section 1.7 Operators
Section 1.8 if else
Chapter 4 Writing Plug-ins for the Nikto Vulnerability Scanner
Section 4.1 Installing Nikto
Section 4.2 Using Nikto
Section 4.3 Nikto Under the Hood
Section 4.4 Existing Nikto Plug-ins
Section 4.5 Adding Custom Entries to the Plug-in Databases
Section 4.6 Using LibWhisker
Section 4.7 Writing an NTLM Plug-in for Brute-Force Testing
Section 4.8 Writing a Standalone Plug-in to Attack Lotus Domino
Chapter 5 Writing Modules for the Metasploit Framework
Section 5.1 Introduction to MSF
Section 5.2 Overview of Stack
Operating System Fingerprinting Module for MSF
Chapter 6 Extending Code Analysis to the Webroot
Section 6.1 Attacking Web Applications at the Source
Section 6.2 Toolkit 101
Section 6.3 PMD
Section 6.4 Extending PMD
Part II: Modifying and Hacking Security Tools
Chapter 7 Fun with Linux
Chapter 9 Automated Exploit Tools
Section 9.1 SQL Injection Exploits
Section 9.2 The Exploit Scanner
Section 9.3 Using the Scanner
Chapter 10 Writing Network Sniffers
Section 10.1 Introduction to libpcap
Section 10.2 Getting Started with libpcap
Section 10.3 libpcap and 802.11 Wireless Networks
Section 10.4 libpcap and Perl
Section 10.5 libpcap Library Reference
Chapter 11 Writing Packet-Injection Tools
Section 11.1 Introduction to libnet
Section 11.2 Getting Started with libnet
Section 11.3 Advanced libnet Functions
Section 11.4 Combining libnet and libpcap
Section 11.5 Introducing AirJack
Colophon
Index
Pages: 352
This concise, high-end guide shows experienced administrators how to customize and extend popular open source security tools such as Nikto, Ettercap, and Nessus. It also addresses port scanners, packet injectors, network sniffers, and web assessment tools. Network Security Tools is the one resource you want at your side when locking down your network.
Assumptions This Book Makes
Contents of This Book
Conventions Used in This Book
Using Code Examples
We'd Like to Hear from You
Safari Enabled
Acknowledgments
Part I: Modifying and Hacking Security Tools
Chapter 1 Writing Plug-ins for Nessus
Section 1.1 The Nessus Architecture
Section 1.2 Installing Nessus
Section 1.3 Using Nessus
Section 1.4 The NASL Interpreter
Section 1.5 Hello World
Section 1.6 Datatypes and Variables
Section 1.7 Operators
Chapter 2 Developing Dissectors and Plug-ins for the Ettercap Network Sniffer
Section 2.1 Installing and Using Ettercap
Section 2.2 Writing an Ettercap Dissector
Section 2.3 Writing an Ettercap Plug-in
Chapter 3 Extending Hydra and Nmap
Section 3.1 Extending Hydra
Section 3.2 Adding Service Signatures to Nmap
Chapter 4 Writing Plug-ins for the Nikto Vulnerability Scanner
Section 4.1 Installing Nikto
Section 4.2 Using Nikto
Section 4.3 Nikto Under the Hood
Section 4.4 Existing Nikto Plug-ins
Section 4.5 Adding Custom Entries to the Plug-in Databases
Section 4.6 Using LibWhisker
Section 4.7 Writing an NTLM Plug-in for Brute-Force Testing
Section 4.8 Writing a Standalone Plug-in to Attack Lotus Domino
Chapter 5 Writing Modules for the
Section 5.5 Writing an Operating System Fingerprinting Module for MSF
Chapter 6 Extending Code Analysis to
Section 7.1 Hello World
Section 7.2 Intercepting System Calls
Section 7.3 Hiding Processes
Section 7.4 Hiding from netstat
Chapter 8 Developing Web Assessment Tools and Scripts
Section 8.1 Web Application Environment
Section 8.2 Designing the Scanner
Section 8.3 Building the Log Parser
Section 8.4 Building the Scanner
Section 8.5 Using the Scanner
Section 8.6 Complete Source Code
Chapter 9 Automated Exploit Tools
Section 9.1 SQL Injection Exploits
Section 9.2 The Exploit Scanner
Section 9.3 Using the Scanner
Chapter 10 Writing Network Sniffers
Section 10.1 Introduction to libpcap
Section 10.2 Getting Started with libpcap
Section 10.3 libpcap and 802.11 Wireless Networks
Section 10.4 libpcap and Perl
Section 10.5 libpcap Library Reference
Chapter 11 Writing Packet-Injection Tools
Section 11.1 Introduction to libnet
Section 11.2 Getting Started with libnet
Section 11.3 Advanced libnet Functions
Section 11.4 Combining libnet and libpcap
Section 11.5 Introducing AirJack
Colophon
Index
Copyright © 2005 O'Reilly Media, Inc. All rights reserved.
Printed in the United States of America.
Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol,
Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. Network Security Tools, the image of the trapeze artist, and related trade dress are trademarks of O'Reilly Media, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
These days, software vulnerabilities are announced to the public before vendors have a chance to provide a patch to customers. Therefore, it has become important, if not absolutely necessary, for an organization to routinely assess its network to measure its security posture.
But how does one go about performing a thorough network assessment? Network security books today typically teach you only how to use the out-of-the-box functionality provided by existing network security tools, which is often limited. Malicious attackers, however, are sophisticated enough to understand that the real power of the most popular network security tools does not lie in their out-of-the-box functionality, but in the framework that allows you to extend and tweak their functionality. These sophisticated attackers also know how to quickly write their own tools to break into remote networks. The aim of this book is to teach you how to tweak existing and powerful open source assessment tools and how to write your own tools to protect your networks and data from the most experienced attackers.
This book is for anyone interested in extending existing open source network assessment tools and in writing their own assessment tools. Hundreds of other network assessment books are available today, but they simply teach readers how to use existing tools, while neglecting to teach them how to modify existing security tools to suit their needs. If you are a network security assessment professional or hobbyist, and if you have always wanted to learn how to tweak and write your own security tools, this book is for you.
Assumptions This Book Makes
This book assumes you are familiar with programming languages such as C and Perl. It also assumes you are familiar with the use of the assessment tools covered in this book: Ettercap, Hydra, Metasploit, Nessus, Nikto, and Nmap.
Contents of This Book
This book is divided into two parts. Part I covers several commonly used open source security tools and shows you how to leverage existing well-known and reliable network security tools to solve your network security problems. Here's a summary of what we cover:
Chapter 1, Writing Plug-ins for Nessus
Nessus is the most popular vulnerability scanner available today. It is also open source and free. This chapter demonstrates not only how to use Nessus, but also how to write plug-ins to enable it to scan for new vulnerabilities.
Chapter 2, Developing Dissectors and Plug-ins for the Ettercap Network Sniffer
Ettercap is a popular network sniffer that also is free and open source. Its plug-in functionality is one of the most robust available. In fact, quite a few plug-ins for this sniffer are available that perform a variety of useful tasks, such as detecting other sniffers on the network and collecting data such as passwords that are being passed around the network. This chapter explains how to write plug-ins for this most powerful scanner to look for specific data on the network, as well as other useful tricks.
Chapter 3, Extending Hydra and Nmap
Many security tools do not use a plug-in architecture, and therefore cannot be trivially extended. This chapter discusses how to extend the commonly used nonplug-in tool, Hydra, a tool for performing brute force testing against passwords, to support an additional protocol. It also discusses how to create binary signatures for Nmap that use a signature database for expansion.
Chapter 4, Writing Plug-ins for the Nikto Vulnerability Scanner
Nikto is a free, open source, and popular web vulnerability scanner that uses the well-known libwhisker library to operate. This chapter teaches you how to extend Nikto to find new vulnerabilities that might exist with external web applications and servers, or even within a company's custom-built web application.
Chapter 5, Writing Modules for the
to develop exploits for the framework, as well as how to use the framework for more general security purposes.
Chapter 6, Extending Code Analysis to the Webroot
Source code analysis tools exist for languages such as Java. However, such tools for web applications are lacking. This chapter demonstrates how to implement web application-specific rules for the review of J2EE applications using the PMD tool.
Part II describes approaches to writing custom Linux kernel modules, web application vulnerability identification and exploitation tools, packet sniffers, and packet injectors. All of these can be useful features in network security tools, and in each case an approach or toolset is introduced to guide readers in integrating these capabilities into their own custom security tools.
Chapter 7, Fun with Linux Kernel Modules
Linux security starts at the kernel level. This chapter discusses how to write Linux kernel modules and explains to readers what they can achieve at the kernel level, as well as how kernel-level rootkits achieve some of the things they do.
Chapter 8, Developing Web Assessment Tools and Scripts
Effective tools for hacking web applications must be able to adequately adapt to the custom applications they can be run against. This chapter discusses how to develop scripts in Perl that can be used to dynamically detect and identify vulnerabilities within custom web applications.
Chapter 9, Automated Exploit Tools
Tools for exploiting web application issues must leverage access to application databases and operating systems. This chapter demonstrates techniques for creating tools that show what can be done with web application vulnerabilities.
Chapter 10, Writing Network Sniffers
Observing network traffic is an important capability of many security tools. The most common toolset used for network sniffing is libpcap. This chapter discusses how libpcap works, and demonstrates how you can use it in your own tools where intercepting network traffic is needed. We also discuss network sniffing in both wired and wireless situations.
Chapter 11, Writing Packet-Injection
Packet injectors are required in scenarios where the ability to generate custom or malformed network traffic is needed to test network services. Several tools exist to perform such testing. In this chapter we discuss and demonstrate use of the libnet library and airjack driver for packet creation. We also discuss packet injection in both wired and wireless situations.
Conventions Used in This Book
The following typographical conventions are used in this book.
Indicates new terms, URLs, email addresses, filenames, file extensions, pathnames, directories, and Unix utilities.
Constant width
Indicates commands, options, switches, variables, attributes, keys, functions, types, classes, namespaces, methods, modules, properties, parameters, values, objects, events, event handlers, XML tags, HTML tags, macros, the contents of files, or the output from commands.
Constant width bold
Shows commands or other text that should be typed literally by the user.
Constant width italic
Shows text that should be replaced with user-supplied values.
This icon signifies a tip, suggestion, or general note.
This icon indicates a warning or caution.
Using Code Examples
This book is here to help you get your job done. In general, you can use the code in this book in your programs and documentation. You do not need to contact us for permission unless you're reproducing a significant portion of the code. For example, writing a program that uses several chunks of code from this book does not require permission. Selling or distributing a CD-ROM of examples from O'Reilly books does require permission. Similarly, answering a question by citing this book and quoting example code does not require permission. However, incorporating a significant amount of example code from this book into your product's documentation does require permission.
We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN. For example: "Network Security Tools by Nitesh Dhanjani and Justin Clarke. Copyright 2005 O'Reilly Media, Inc., 0-596-00794-9." If you feel your use of code examples falls outside fair use or the permission given here, feel free to contact us at permissions@oreilly.com.
We'd Like to Hear from You
Please address comments and questions concerning this book to the publisher:
O'Reilly Media, Inc.
1005 Gravenstein Highway North
Sebastopol, CA 95472
(800) 998-9938 (in the United States or Canada)
(707) 829-0515 (international or local)
(707) 829-0104 (fax)
We have a web page for this book where we list errata, examples, and any additional information. You can access this page at:
To comment or ask technical questions about this book, send email to:
bookquestions@oreilly.com
For more information about our books, conferences, Resource Centers, and the O'Reilly Network, see our web site at:
http://www.oreilly.com
Safari Enabled
When you see a Safari® Enabled icon on the cover of your favorite technology book, that means the book is available online through the O'Reilly Network Safari Bookshelf.
Safari offers a solution that's better than e-books. It's a virtual library that lets you easily search thousands of top tech books, cut and paste code samples, download chapters, and find quick answers when you need the most accurate, current information. Try it for free at