Index - Building.Open.Source.Network.Security.Tools.Components.And.Techniques [Electronic resources] نسخه متنی

Index

J-L

Knock sample program for port scanning, 239-256

last in first out (LIFO) queue, 260-261

layers of security model, 2

Legerdemain sample program using libsf fingerprinting, 122-127

len, 13

length of packet, libpcap library and, 13

libcrypto.a, 163

libdnet library, 35-86, 129-162

address resolution functions in, 42-45

address resolution protocol (ARP) and, 129, 131, 134-137

134-136

advanced-mode functions in, 75-76

ancillary functions in, 74-75

ARP cache functions in, 136-137

binary buffers and, 130, 134, 143-145

callbacks and, 139

checksums in, 36, 39-40, 73

Clutch sample program using, 147-162

design considerations in, 36-40

error handling in, 40, 42, 74, 76

Ethernet and, 130, 133, 141-143

Firewalk security tool and, 331, 346-347, 364-366

firewalls and, 130, 132-133, 140-141

framework functions in, 41-42

header sizes in, 48-50

installation of, 36, 130

interface allocation in, 36

interfaces and, 130-131, 133, 138-140

Internet protocol (IP) and, 130, 133, 141-143

kernel ARP cache lookup, 129

libnids and, 35-36

memory allocation/deallocation in, 36-37, 45

native datatypes in, 40-41

Open Systems Interconnectivity (OSI) model, 45-46

order of packet builder function calls important in, 45

packet builder functions in, 45-73

payload interface for, 47

port list functions in, 73-74

protocol tags and, 48-73

pseudorandom number functions in, 76

Punch sample program using, 77-86

random numbers and, 130, 134, 145-146

return values in, 48-73

route tables and, 130-131, 133, 137-138

service access point (SAP) symbolic constants in, 51

steps in, to build and send a packet, 36-37

symbolic constants for Ethernet and, 50

versions of, 35-36

wire injection methods in, 37-39

libnids library, 87-112

callbacks in, 90, 92-93

callbacks, registration functions in, 95-96

error handling in, 94-95

initialization and execution functions in, 93-95

installation of, 88

IP defragmentation in, 88, 95

libdnet library and, 35-36

Lilt sample program using, 96-112

native datatypes in, 88-93

TCP port scan detection in, 88

TCP stream reassembly in, 88

TCP-specific functions in, 96

libnids_errbuff, 94-95

libpcap component, 3

libpcap library, 9-33

ancillary functions in, 20-21

Berkeley Packet Filter (BPF) in, 18, 343

capture functions in, 16-17

error handling in, 14-17, 19, 21

filter functions in, 18-19

Firewalk security tool and, 331, 343, 361-362

initialization functions in, 13-16

installation of, 10

native datatypes in, 10-13

promiscuous Dits and, 15

savefile (dump) functions in, 19-20

Stroke sample program using, 22-33

library initialization, 41-42

libsf library, 113-127

active fingerprinting methods in, 115-117

b-trees in, 118-119

control flags in, 119-120

database for, 118-119

design considerations in, 114-119

error handling in, 119-120

fingerprint functions in, 120-121

framework functions in, 119-120

installation of, 114

IP don't fragment bit in, 118

IP packet size in, 118

IP time to live (TIL) in, 117

Legerdemain sample program using, 122-127

native datatypes in, 119

NULL packet to open port in, 115

passive fingerprinting methods in, 117-118

results functions in, 121-122

lifecycle, software development, 6-8

lifsf_handle, 119

link layer control (LLC), 20, 37-39, 48, 51, 343-344

link state acknowledgment (LSA) header (OSPF), 68-69

link state request (LSR) header (OSPF), 67-68

link state update header (OSPF), 68

Linux, 14, 39, 96-112, 140

little endian byte ordering, 197

lookups, libpcap library and, 15

looping, 17, 90, 140-141, 353-355