Administrivia Abstract Introduction Log file processing

Short Description
Tutorial (University of Illinois at Urbana-Champaign). … “Linux Administrator’s Security Guide - Log files and other forms of. monitoring”. Unknown. URL: …

Website: www.nosneros.net | Filesize: 207kb

Content
1 of 38
Administrivia
This paper is written comply with the requirements for SANS GIAC GSEC v1.4b Option 1. This
paper is authored by Holt Sorenson.
Abstract
This paper introduces PERL as a useful, flexible, and extensible tool for the security practitioner.
References to resources are provided so that the reader may expand their knowledge beyond the
concepts presented here. In this paper examples of PERL’s ability to process log files, grab
banners of network services, craft packets, and to exploit code that writes to buffers without
checking buffer length (such problems are commonly referred to as buffer overflows) are
explored.
Introduction
Over time a security practitioner becomes proficient with tools that are critical to accomplishing
day-to-day tasks. One tool that security practitioners should have experience with is PERL. This
paper explores practical ways in which the PERL language can be applied to security problems
that the practitioner could encounter.
PERL[1] (Practical Extraction and Report Language, or more affectionately, the Pathological
Eclectic Rubbish Lister), is a powerful language that has an accessible learning curve permitting
professionals that are new to the language to utilize its features without significant time
investment. PERL offers rich features for…