[...]... engineer at EADS Innovation Works, where I work in the IT security lab I am the creator of many programs, such as Scapy and ShellForge I authored Chapter 6, Custom Packet Generation (in which Scapy is the main security power tool) and Chapter 10, Custom Exploitation xx Credits Preface Security Power Tools is written by members of the Juniper Networks’ J -Security Team as well as two guests: Jennifer Granick... and what wrote who Bryan Burns: I am Chief Security Architect with the Juniper Networks’ J -Security Team I work closely with the other Juniper authors of this book on a daily basis to ensure that Juniper’s security products can defend against all the tools and techniques listed in this book In fact, the real reason why I’m so familiar with these security tools is because I use and study them to know... most of the sections are accessible to beginners Chapter 17, Device Security Testing, by Julien Sobrier The tools presented in this chapter are complementary and cover different areas of security testing A lot of examples on how to automate the tests are given throughout The tools are great to use in all QA processes—not just for security devices but for any network device Monitoring Chapter 18, Network... different security tools, and when there is so much work to be done? Well, the answer is fairly simple My group’s knowledge of these tools came through years of working with them and applying them The information they have to present xiv Foreword Foreword to you goes beyond the simple two-page summary of what the tool does This is not a simpleton’s instruction manual We also assume that you, as a security. .. 1,200 or 2,400 baud Attack tools and defense tools were also very rudimentary The most advanced security- related industry was—and to a certain extent, still is—the Virus/Anti-Virus industry Can you remember the DOS Ping Pong virus from 1988? Forensics was also in its infancy and was really only limited to the high-end companies and government agencies In a very simple sense, security was defined primarily... I’m currently the manager of a versatile team of hacker security professionals called SABRE (or Security Audit Blueprint and Response Engineering) We do everything from code security analysis to Functional Specs review, to engineer training in secure coding, and even to publishing of white papers intended to support talks we give at computer security conferences In this book, I authored Chapter 20,... future Julien Sobrier: I’m a network security engineer at Juniper Networks I work mainly on the Intrusion Detection and Preventions systems I have been working for Juniper for about two years and previously worked for Netscreen, another security network company I wrote Chapter 3, Vulnerability Scanning, Chapter 16, Email Security and Anti-Spam, Chapter 17, Device Security Testing, and half of Chapter... sophistication level of both attack and defense tools The pervasive nature of the Internet had also made it a target-rich environment, and it provided attackers multiple locations from which to launch their attacks xiii At the same time that the security landscape changed, the discussion around security had changed as well To borrow an expression from the cryptology field, security was largely accomplished through... around a little and reviewing those tools that are seemingly at your level, and either working up or down as you introduce yourself to tools you may not know Our final struggle was which tools to document Our O’Reilly editor gave us an ideal page count to shoot for This was our first parameter or else the book would cost a hundred dollars Next, each of us reviewed different tools depending on our chapter... anything to talk about (because quite frankly, some tools do one thing so well and so simplistically that they are almost too obvious and easy to use) There are a dozen other reasons that we chose the tools that we did, and not all of the tools we initially picked made it into the book; in the end, we had to make decisions Our apologies to those tools that didn’t make the cut; and to those that did, . class="bi x0 y0 w0 h1" alt="" SECURITY POWER TOOLS ® Other computer security resources from O’Reilly Related titles Security Warrior Snort Cookbook™ Practical Unix and Internet Security Essential System Administration SSH,. Guide TCP/IP Network Administration Network Security Hacks™ Security Books Resource Center security. oreilly.com is a complete catalog of O’Reilly’s books on security and related technologies, including. Bookshelf from cover to cover or sim- ply flip to the page you need. Try it today for free. SECURITY POWER TOOLS ® Bryan Burns, Jennifer Stisa Granick, Steve Manzuik, Paul Guersch, Dave Killion,