Chapter 4: The Libnids Library - Building.Open.Source.Network.Security.Tools.Components.And.Techniques [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Building.Open.Source.Network.Security.Tools.Components.And.Techniques [Electronic resources] - نسخه متنی

Mike D. Schiffman

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Table of Contents

BackCover

Building Open Source Network Security Tools Components and Techniques--Components and Techniques

Introduction

Components Legend

Who Should Read This Book

Language, Platform, and Compiler

C Programming Concepts

Conventions Used in This Book

Chapter 1: The Network Security Tool Paradigm

A Modular Model

Network Security Tool Taxonomy

Software Development Lifecycle

Conclusion

Chapter 2: The Libpcap Library

Installation Notes

Native Datatypes

Initialization Functions

Capture Functions

Filter Functions

Savefile (Dump) Functions

Ancillary Functions

Error Functions

Sample Program--Stroke

Sample Code--Stroke

Chapter 3: The Libnet Library

Installation Notes

Design Considerations

Native Datatypes

Framework Functions

Address Resolution Functions

Packet Builder Functions

Port List Functions

Ancillary Functions

Advanced-Mode Functions

Psuedo-Random Number Functions

Sample Program--Punch

Sample Code--Punch

Chapter 4: The Libnids Library

Installation Notes

Native Datatypes

Initialization and Execution Functions

Callback Registration Functions

TCP-Specific Functions

Sample Program-Lilt

Sample Code-Lilt

Chapter 5: The Libsf Library

Installation Notes

Design Considerations

Native Datatypes

Framework Functions

Fingerprint Functions

Results Functions

Sample Program-Legerdemain

Sample Code-Legerdemain

Chapter 6: The Libdnet Library

Installation Notes

Native Datatypes

Addressing Functions

ARP Cache Functions

Route Table Functions

Interface Functions

Firewall Functions

Ethernet and IP Functions

Binary Buffers

Random Number Generation

Sample Program-Clutch

Sample Code-Clutch

Chapter 7: The OpenSSL Library

Installation Notes

The EVP Interface

Native Datatypes

Top-level Functions

Symmetric Functions and Macros

Asymmetric Functions

Message Digest Functions and Macros

Digital Signature Functions

Sample Program-Roil

Sample Code-Roil

Chapter 8: Passive Reconnaissance Techniques

Sample Program-Scoop

Sample Code-Scoop

Chapter 9: Active Reconnaissance Techniques

IP Expiry

Sample Program-Knock

Sample Code-Knock

Chapter 10: Attack and Penetration Techniques

Vulnerability Testing

Sample Program-Sift

Sample Code-Sift

Chapter 11: Defensive Techniques

Encryption

Firewalling

Network Intrusion Detection

Sample Program-Descry

Sample Code-Descry

Chapter 12: Tying Everything Together--Firewalk

Firewalk in Practice

Firewalxsxsk Code Walkthrough

Firewalk Complete Code Listing

References

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Chapter 10

Chapter 11

Chapter 12

Index

Index_B

Index_C

Index_D

Index_E

Index_F

Index_G-H

Index_I

Index_J-L

Index_M

Index_N

Index_O

Index_P

Index_Q-R

Index_S

Index_T

Index_U

Index_V

Index_W-Z

List of Figures

List of Tables
توضیحات
افزودن یادداشت جدید







Chapter 4: The Libnids Library


Overview
























URL:


http://www.packetfactory.net/Projects/libnids


Primary author:


Rafal Wojtczuk


Component type:


C language library


License:


GPL


Version profiled:


1.16


Dependencies:


libnet-1.0.x, libpcap


Libnids provides the programmer with a portable API to simulate the Event Generator (E-box) component of a Network Intrusion Detection System (NIDS). Within the context of an NIDS, the E-box's job is to sample the environment in which it specializes and convert occurrences in the environment into standard data objects for subsequent storage and/or analysis. In libnids' case, the environment is the local network, and the occurrences consist of standard lowlevel packet capturing and evaluation events. Currently, Libnids offers the following functions:



IP defragmentation (mimics a Linux 2.0.36 kernel)



TCP stream reassembly (mimics a Linux 2.0.36 kernel)



TCP port scan detection (tunable by the applications programmer)



Libnids was designed to be robust and to stand up to many of the vulnerabilities that traditionally plague NIDS. The libnids engine correctly handles all of the issues detailed in the landmark Newsham/Ptacek NIDS evasion paper as well as all of the attacks that Dug Song's original Fragrouter tool performs.

Libnids is useful for building an NIDS. The library takes care of all the lowlevel network legwork and algorithm design, reducing the application programmer's task of construction and high-level event decoding.

/ 135