DOCSLIB.ORG

Linux Firewalls.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Linux Firewalls.Pdf USE IPTABLES TO DETECT AND P R E V E N T LINUXLINUX NETWORK-BASED LINUX FIREWALLS LINUX FIREWALLS ATTACKS FIREWALLSFIREWALLS ATTACK DETECTION A N D RESPONSE W I T H System administrators need to stay ahead of new • Tools for visualizing iptables logs IPTABLES , PSAD , A N D FWSNORT security vulnerabilities that leave their networks exposed • Passive OS fingerprinting with iptables every day. A firewall and an intrusion detection system (IDS) are two important weapons in that fight, enabling Perl and C code snippets offer practical examples MICHAEL RASH you to proactively deny access and monitor network that will help you to maximize your deployment of traffic for signs of an attack. Linux firewalls. Linux Firewalls discusses the technical details of the If you’re responsible for keeping a network secure, Linux Firewalls is a great book. iptables firewall and the Netfilter framework that are you’ll find Linux Firewalls invaluable in your attempt to —From the foreword by Richard Bejtlich built into the Linux kernel, and it explains how they understand attacks and use iptables—along with psad of TaoSecurity.com provide strong filtering, Network Address Translation and fwsnort—to detect and even prevent compromises. (NAT), state tracking, and application layer inspection ABOUT THE AUTHOR capabilities that rival many commercial tools. You’ll learn how to deploy iptables as an IDS with psad and Michael Rash is a security architect with Enterasys fwsnort and how to build a strong, passive authentica- Networks, Inc., where he develops the Dragon tion layer around iptables with fwknop. intrusion detection and prevention system. He is a frequent contributor to open source projects and the Concrete examples illustrate concepts such as firewall creator of psad, fwknop, and fwsnort. Rash is an log analysis and policies, passive network authentica- expert on firewalls, intrusion detection systems, passive tion and authorization, exploit packet traces, Snort OS fingerprinting, and the Snort rules language. He is ruleset emulation, and more with coverage of: co-author of Snort 2.1 Intrusion Detection (Syngress, • Application layer attack detection with the iptables 2004) and author of Intrusion Prevention and Active string match extension and fwsnort Response (Syngress, 2005), and he has written security articles for Linux Journal, Sys Admin maga- • Building an iptables ruleset that emulates a Snort ruleset zine, and ;login:. • Port knocking vs. Single Packet Authorization (SPA) RASH THE FINEST IN GEEK ENTERTAINMENT ™ $49.95 ($59.95 CDN) NETWORKING COMPUTER SECURITY/ SHELVE IN: www.nostarch.com ® “I LAY FLAT.” ® This book uses RepKover —a durable binding that won’t snap shut. Printed on recycled paper LINUX FIREWALLS LINUX FIREWALLS Attack Detection and Response with iptables, psad, and fwsnort by Michael Rash ® San Francisco LINUX FIREWALLS. Copyright © 2007 by Michael Rash. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. Printed on recycled paper in the United States of America 11 10 09 08 07 1 2 3 4 5 6 7 8 9 ISBN-10: 1-59327-141-7 ISBN-13: 978-1-59327-141-1 Publisher: William Pollock Production Editor: Christina Samuell Cover and Interior Design: Octopod Studios Developmental Editor: William Pollock Technical Reviewer: Pablo Neira Ayuso Copyeditors: Megan Dunchak and Bonnie Granat Compositors: Christina Samuell and Riley Hoffman Proofreaders: Karol Jurado and Riley Hoffman Indexer: Nancy Guenther For information on book distributors or translations, please contact No Starch Press, Inc. directly: No Starch Press, Inc. 555 De Haro Street, Suite 250, San Francisco, CA 94107 phone: 415.863.9900; fax: 415.863.9950; [email protected]; www.nostarch.com Library of Congress Cataloging-in-Publication Data Rash, Michael. Linux firewalls : attack detection and response with iptables, psad, and fwsnort / Michael Rash. p. cm. Includes index. ISBN-13: 978-1-59327-141-1 ISBN-10: 1-59327-141-7 1. Computers--Access control. 2. Firewalls (Computer security) 3. Linux. I. Title. QA76.9.A25R36 2007 005.8--dc22 2006026679 No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it. To Katie and little Bella BRIEF CONTENTS Acknowledgments ..........................................................................................................xv Foreword by Richard Bejtlich .........................................................................................xvii Introduction ....................................................................................................................1 Chapter 1: Care and Feeding of iptables ...........................................................................9 Chapter 2: Network Layer Attacks and Defense ................................................................35 Chapter 3: Transport Layer Attacks and Defense ...............................................................49 Chapter 4: Application Layer Attacks and Defense ............................................................69 Chapter 5: Introducing psad: The Port Scan Attack Detector ...............................................81 Chapter 6: psad Operations: Detecting Suspicious Traffic ..................................................99 Chapter 7: Advanced psad Topics: From Signature Matching to OS Fingerprinting.............113 Chapter 8: Active Response with psad...........................................................................131 Chapter 9: Translating Snort Rules into iptables Rules ......................................................149 Chapter 10: Deploying fwsnort.....................................................................................173 Chapter 11: Combining psad and fwsnort .....................................................................193 Chapter 12: Port Knocking vs. Single Packet Authorization ..............................................213 Chapter 13: Introducing fwknop ...................................................................................231 Chapter 14: Visualizing iptables Logs............................................................................257 Appendix A: Attack Spoofing .......................................................................................279 Appendix B: A Complete fwsnort Script .........................................................................285 Index .........................................................................................................................291 CONTENTS IN DETAIL ACKNOWLEDGMENTS xv FOREWORD by Richard Bejtlich xvii INTRODUCTION 1 Why Detect Attacks with iptables? .............................................................................. 2 What About Dedicated Network Intrusion Detection Systems? ........................... 3 Defense in Depth ......................................................................................... 4 Prerequisites ............................................................................................................ 4 Technical References ................................................................................................ 5 About the Website ................................................................................................... 5 Chapter Summaries .................................................................................................. 6 1 CARE AND FEEDING OF IPTABLES 9 iptables ................................................................................................................... 9 Packet Filtering with iptables .................................................................................... 10 Tables ...................................................................................................... 11 Chains ..................................................................................................... 11 Matches ................................................................................................... 12 Targets .................................................................................................... 12 Installing iptables ................................................................................................... 12 Kernel Configuration .............................................................................................. 14 Essential Netfilter Compilation Options ........................................................ 15 Finishing the Kernel Configuration ............................................................... 16 Loadable Kernel Modules vs. Built-in Compilation and Security ....................... 16
Load more

Recommended publications
  • La Sécurité Informatique Edition Livres Pour Tous (
    La sécurité informatique Edition Livres pour tous (www.livrespourtous.com) PDF générés en utilisant l’atelier en source ouvert « mwlib ». Voir http://code.pediapress.com/ pour plus d’informations. PDF generated at: Sat, 13 Jul 2013 18:26:11 UTC Contenus Articles 1-Principes généraux 1 Sécurité de l'information 1 Sécurité des systèmes d'information 2 Insécurité du système d'information 12 Politique de sécurité du système d'information 17 Vulnérabilité (informatique) 21 Identité numérique (Internet) 24 2-Attaque, fraude, analyse et cryptanalyse 31 2.1-Application 32 Exploit (informatique) 32 Dépassement de tampon 34 Rétroingénierie 40 Shellcode 44 2.2-Réseau 47 Attaque de l'homme du milieu 47 Attaque de Mitnick 50 Attaque par rebond 54 Balayage de port 55 Attaque par déni de service 57 Empoisonnement du cache DNS 66 Pharming 69 Prise d'empreinte de la pile TCP/IP 70 Usurpation d'adresse IP 71 Wardriving 73 2.3-Système 74 Écran bleu de la mort 74 Fork bomb 82 2.4-Mot de passe 85 Attaque par dictionnaire 85 Attaque par force brute 87 2.5-Site web 90 Cross-site scripting 90 Défacement 93 2.6-Spam/Fishing 95 Bombardement Google 95 Fraude 4-1-9 99 Hameçonnage 102 2.7-Cloud Computing 106 Sécurité du cloud 106 3-Logiciel malveillant 114 Logiciel malveillant 114 Virus informatique 120 Ver informatique 125 Cheval de Troie (informatique) 129 Hacktool 131 Logiciel espion 132 Rootkit 134 Porte dérobée 145 Composeur (logiciel) 149 Charge utile 150 Fichier de test Eicar 151 Virus de boot 152 4-Concepts et mécanismes de sécurité 153 Authentification forte
    [Show full text]
  • [PDF] Beginning Raku
    Beginning Raku Arne Sommer Version 1.00, 22.12.2019 Table of Contents Introduction. 1 The Little Print . 1 Reading Tips . 2 Content . 3 1. About Raku. 5 1.1. Rakudo. 5 1.2. Running Raku in the browser . 6 1.3. REPL. 6 1.4. One Liners . 8 1.5. Running Programs . 9 1.6. Error messages . 9 1.7. use v6. 10 1.8. Documentation . 10 1.9. More Information. 13 1.10. Speed . 13 2. Variables, Operators, Values and Procedures. 15 2.1. Output with say and print . 15 2.2. Variables . 15 2.3. Comments. 17 2.4. Non-destructive operators . 18 2.5. Numerical Operators . 19 2.6. Operator Precedence . 20 2.7. Values . 22 2.8. Variable Names . 24 2.9. constant. 26 2.10. Sigilless variables . 26 2.11. True and False. 27 2.12. // . 29 3. The Type System. 31 3.1. Strong Typing . 31 3.2. ^mro (Method Resolution Order) . 33 3.3. Everything is an Object . 34 3.4. Special Values . 36 3.5. :D (Defined Adverb) . 38 3.6. Type Conversion . 39 3.7. Comparison Operators . 42 4. Control Flow . 47 4.1. Blocks. 47 4.2. Ranges (A Short Introduction). 47 4.3. loop . 48 4.4. for . 49 4.5. Infinite Loops. 53 4.6. while . 53 4.7. until . 54 4.8. repeat while . 55 4.9. repeat until. 55 4.10. Loop Summary . 56 4.11. if . ..
    [Show full text]
  • Test-Beds and Guidelines for Securing Iot Products and for Secure Set-Up Production Environments
    IoT4CPS – Trustworthy IoT for CPS FFG - ICT of the Future Project No. 863129 Deliverable D7.4 Test-beds and guidelines for securing IoT products and for secure set-up production environments The IoT4CPS Consortium: AIT – Austrian Institute of Technology GmbH AVL – AVL List GmbH DUK – Donau-Universit t Krems I!AT – In"neon Technologies Austria AG #KU – JK Universit t Lin$ / Institute for &ervasive 'om(uting #) – Joanneum )esearch !orschungsgesellschaft mbH *+KIA – No,ia -olutions an. Net/or,s 0sterreich GmbH *1& – *1& -emicon.uctors Austria GmbH -2A – -2A )esearch GmbH -)!G – -al$burg )esearch !orschungsgesellschaft -''H – -oft/are 'om(etence 'enter Hagenberg GmbH -AG0 – -iemens AG 0sterreich TTTech – TTTech 'om(utertechni, AG IAIK – TU Gra$ / Institute for A((lie. Information &rocessing an. 'ommunications ITI – TU Gra$ / Institute for Technical Informatics TU3 – TU 3ien / Institute of 'om(uter 4ngineering 1*4T – 1-Net -ervices GmbH © Copyright 2020, the Members of the IoT4CPS Consortium !or more information on this .ocument or the IoT5'&- (ro6ect, (lease contact8 9ario Drobics7 AIT Austrian Institute of Technology7 mario:.robics@ait:ac:at IoT4C&- – <=>?@A Test-be.s an. guidelines for securing IoT (ro.ucts an. for secure set-up (ro.uction environments Dissemination level8 &U2LI' Document Control Title8 Test-be.s an. gui.elines for securing IoT (ro.ucts an. for secure set-u( (ro.uction environments Ty(e8 &ublic 4.itorBsC8 Katharina Kloiber 4-mail8 ,,;D-net:at AuthorBsC8 Katharina Kloiber, Ni,olaus DEr,, -ilvio -tern )evie/erBsC8 -te(hanie von )E.en, Violeta Dam6anovic, Leo Ha((-2otler Doc ID8 DF:5 Amendment History Version Date Author Description/Comments VG:? ?>:G?:@G@G -ilvio -tern Technology Analysis VG:@ ?G:G>:@G@G -ilvio -tern &ossible )esearch !iel.s for the -2I--ystem VG:> >?:G<:@G@G Katharina Kloiber Initial version (re(are.
    [Show full text]
  • NFV Decouples the Network Functions Such As NAT, Firewall, DPI, IPS/IDS, WAAS, SBC, RR Etc
    Virtualizing Enterprise Network Functions • BRKCRS-3447 Matt Falkner, Distinguished Engineer, Technical Marketing Agenda BRKCRS-3447 • Introduction & Motivation • Deployment Models and Characteristics • The Building Blocks of Virtualization (today) • Virtualization Trade-offs and Research Topics • Conclusion Abstract Network Function Virtualization (NfV) is gaining increasing traction in the industry based on the promise of reducing both CAPEX and OPEX using COTS hardware. This session introduces the use-cases for virtualizing Enterprise network architectures, such as virtualizing branch routers, LISP nodes, IWAN deployments, or enabling enterprise hybrid cloud deployments. The sessions also discusses the technology of Virtualization from both a system architecture as well as a network architecture perspective. Particular focus is given on understanding the impact of running routing functions on top of hypervisors, as well as the placement and chaining of network functions. Performance of virtualized functions is also discussed. BRKCRS-3447 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Introduction and Motivation Network Functions Virtualization (NFV) Announced at SDN World Congress, Oct 2012 • AT&T • BT • CenturyLink • China Mobile • Colt • Deutsche Telekom • KDDI • NTT • Orange • Telecom Italia • Telstra • Verizon • Others TBA… BRKCRS-3447 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 10 What is NfV? A Definition … NFV decouples the network functions such as NAT, Firewall, DPI, IPS/IDS,
    [Show full text]
  • EN-Google Hacks.Pdf
    Table of Contents Credits Foreword Preface Chapter 1. Searching Google 1. Setting Preferences 2. Language Tools 3. Anatomy of a Search Result 4. Specialized Vocabularies: Slang and Terminology 5. Getting Around the 10 Word Limit 6. Word Order Matters 7. Repetition Matters 8. Mixing Syntaxes 9. Hacking Google URLs 10. Hacking Google Search Forms 11. Date-Range Searching 12. Understanding and Using Julian Dates 13. Using Full-Word Wildcards 14. inurl: Versus site: 15. Checking Spelling 16. Consulting the Dictionary 17. Consulting the Phonebook 18. Tracking Stocks 19. Google Interface for Translators 20. Searching Article Archives 21. Finding Directories of Information 22. Finding Technical Definitions 23. Finding Weblog Commentary 24. The Google Toolbar 25. The Mozilla Google Toolbar 26. The Quick Search Toolbar 27. GAPIS 28. Googling with Bookmarklets Chapter 2. Google Special Services and Collections 29. Google Directory 30. Google Groups 31. Google Images 32. Google News 33. Google Catalogs 34. Froogle 35. Google Labs Chapter 3. Third-Party Google Services 36. XooMLe: The Google API in Plain Old XML 37. Google by Email 38. Simplifying Google Groups URLs 39. What Does Google Think Of... 40. GooglePeople Chapter 4. Non-API Google Applications 41. Don't Try This at Home 42. Building a Custom Date-Range Search Form 43. Building Google Directory URLs 44. Scraping Google Results 45. Scraping Google AdWords 46. Scraping Google Groups 47. Scraping Google News 48. Scraping Google Catalogs 49. Scraping the Google Phonebook Chapter 5. Introducing the Google Web API 50. Programming the Google Web API with Perl 51. Looping Around the 10-Result Limit 52.
    [Show full text]
  • Name Description
    Perl version 5.10.0 documentation - perlnewmod NAME perlnewmod - preparing a new module for distribution DESCRIPTION This document gives you some suggestions about how to go about writingPerl modules, preparing them for distribution, and making them availablevia CPAN. One of the things that makes Perl really powerful is the fact that Perlhackers tend to want to share the solutions to problems they've faced,so you and I don't have to battle with the same problem again. The main way they do this is by abstracting the solution into a Perlmodule. If you don't know what one of these is, the rest of thisdocument isn't going to be much use to you. You're also missing out onan awful lot of useful code; consider having a look at perlmod, perlmodlib and perlmodinstall before coming back here. When you've found that there isn't a module available for what you'retrying to do, and you've had to write the code yourself, considerpackaging up the solution into a module and uploading it to CPAN so thatothers can benefit. Warning We're going to primarily concentrate on Perl-only modules here, ratherthan XS modules. XS modules serve a rather different purpose, andyou should consider different things before distributing them - thepopularity of the library you are gluing, the portability to otheroperating systems, and so on. However, the notes on preparing the Perlside of the module and packaging and distributing it will apply equallywell to an XS module as a pure-Perl one. What should I make into a module? You should make a module out of any code that you think is going to beuseful to others.
    [Show full text]
  • WP-MIRROR 0.7.4 Reference Manual
    WP-MIRROR 0.7.4 Reference Manual Dr. Kent L. Miller November 22, 2014 DRAFT 1 DRAFT 2 To Tylery DRAFT i WP-MIRROR 0.7.4 Reference Manual Legal Notices Copyright (C) 2012–2014 Dr. Kent L. Miller. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”. THIS PUBLICATION AND THE INFORMATION HEREIN ARE FURNISHED AS IS, ARE FURNISHED FOR INFORMATIONAL USE ONLY, ARE SUBJECT TO CHANGE WITH- OUT NOTICE, AND SHOULD NOT BE CONSTRUED AS A COMMITMENT BY THE AU- THOR. THE AUTHOR ASSUMES NO RESPONSIBILITY OR LIABILITY FOR ANY ER- RORS OR INACCURACIES THAT MAY APPEAR IN THE INFORMATIONAL CONTENT CONTAINED IN THIS MANUAL, MAKES NO WARRANTY OF ANY KIND (EXPRESS, IMPLIED, OR STATUTORY) WITH RESPECT TO THIS PUBLICATION,AND EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR PAR- TICULAR PURPOSES, AND NONINFRINGEMENT OF THIRD-PARTY RIGHTS. The WP-MIRROR logotype (see margin) was released by the author into the public domain on 2014-Apr-10. See https://www.mediawiki.org/wiki/File:Wp-mirror.png. This logotype fea- tures a sunflower that is derived from 119px-Mediawiki logo sunflower Tournesol 5x rev2.png, which is also in the public domain. See https://en.wikipedia.org/wiki/File:Mediawiki_logo_sunflower_Tournesol_5x.png.
    [Show full text]
  • Coleman-Coding-Freedom.Pdf
    Coding Freedom !" Coding Freedom THE ETHICS AND AESTHETICS OF HACKING !" E. GABRIELLA COLEMAN PRINCETON UNIVERSITY PRESS PRINCETON AND OXFORD Copyright © 2013 by Princeton University Press Creative Commons Attribution- NonCommercial- NoDerivs CC BY- NC- ND Requests for permission to modify material from this work should be sent to Permissions, Princeton University Press Published by Princeton University Press, 41 William Street, Princeton, New Jersey 08540 In the United Kingdom: Princeton University Press, 6 Oxford Street, Woodstock, Oxfordshire OX20 1TW press.princeton.edu All Rights Reserved At the time of writing of this book, the references to Internet Web sites (URLs) were accurate. Neither the author nor Princeton University Press is responsible for URLs that may have expired or changed since the manuscript was prepared. Library of Congress Cataloging-in-Publication Data Coleman, E. Gabriella, 1973– Coding freedom : the ethics and aesthetics of hacking / E. Gabriella Coleman. p. cm. Includes bibliographical references and index. ISBN 978-0-691-14460-3 (hbk. : alk. paper)—ISBN 978-0-691-14461-0 (pbk. : alk. paper) 1. Computer hackers. 2. Computer programmers. 3. Computer programming—Moral and ethical aspects. 4. Computer programming—Social aspects. 5. Intellectual freedom. I. Title. HD8039.D37C65 2012 174’.90051--dc23 2012031422 British Library Cataloging- in- Publication Data is available This book has been composed in Sabon Printed on acid- free paper. ∞ Printed in the United States of America 1 3 5 7 9 10 8 6 4 2 This book is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE !" We must be free not because we claim freedom, but because we practice it.
    [Show full text]
  • Custom Equipment Monitoring with Openwrt and Carambola
    Custom Equipment Monitoring with OpenWRT and Carambola Sysadmin Miniconf Linux.conf.au Perth - 6 January 2014 Andrew McDonnell - Software Engineer & Tech Problem Solver [email protected] Twitter: @pastcompute http://blog.oldcomputerjunk.net https://launchpad.net/~andymc73 https://github.com/andymc73 Overview ● Equipment Monitoring with a Budget ● Introduction to Carambola ● Introduction to OpenWRT ● Monitoring with OpenWRT and Carambola Andrew McDonnell – LCA2014 Sysadmin Miniconf - Custom equipment monitoring with OpenWRT and Carambola – [email protected] 2 Use Case ● Everything has a computer in it these days ● And a connection: http://en.wikipedia.org/wiki/File:SolarpanelBp.JPG http://en.wikipedia.org/wiki/File:2008-07-11_Air_conditioners_at_UNC-CH.jpg http://en.wikipedia.org/wiki/File:Davis_VantagePro.jpg Andrew McDonnell – LCA2014 Sysadmin Miniconf - Custom equipment monitoring with OpenWRT and Carambola – [email protected] 3 Use Case Requirements ● So if you have a <insert widget here>? ● And a small physical space requirement? ● How do you have it talk to <insert toolkit here>? i2c rs485 http://openclipart.org/detail/182810/old-computer-by-jhnri4-182810 http://openclipart.org/detail/188441/sid-chip-by-arvin61r58-188441 Andrew McDonnell – LCA2014 Sysadmin Miniconf - Custom equipment monitoring with OpenWRT and Carambola – [email protected] 4 Potential Solutions ● Industrial COTS ● Embedded microcontrollers ● arduino ● Embedded Linux ● Raspberry Pi ● Beaglebone Black ● Carambola2 http://www.openelectrical.org/wiki/images/4/43/Programmable-logic-controller-plc-22971.jpg
    [Show full text]
  • COMS 3101 Programming Languages: Perl Lecture 5
    COMS 3101 Programming Languages: Perl Lecture 5 Fall 2013 Instructor: Ilia Vovsha http://www.cs.columbia.edu/~vovsha/coms3101/perl Lecture Outline Packages & Modules Concepts: Subroutine references SbliSymbolic references Garbage collection Saving structures Objects and Classes Next: More OOP, CPAN 5.2 Remarks Pattern matching “cage” can be any character: • m// or // is equivalent to m{} • s/// is equivalent to s{} {} • // are just customary quote characters for pattern matching behavior. In fact you could choose your own character instead of {} (e.g. m ! !) • Convenient if lots of slhlashes in the pattern ref function: returns type of reference (a string) • $rtype = ref($href); # returns “HASH” • $rtype = ref($aref); # returns “ARRAY” • if ( ref($href) eq “HASH” ) { … } 5.3 Packages & Modules Why do we need them? Package or module, what is the difference? ‘use’ vs. ‘require’ Importing from another package Pragmatic modules (ppgragmas) 5.4 Packages (purpose) sub parse_text { # code from one file … $count = $count++; … } sub normalize { # code from another file $count++; … } # Use both functions: parse_text(); normalize(); print “$count\n”; # Which $count? What is its value? 5.5 Packages (definition) Balanced code: abstraction + reuse Every chkhunk of code has its own namespace. In PlPerl, a namespace is called a package Independent of files: • Multiple packages in one file • Single package spanning multiple files • Most common: one package per file Best approach: one package per file where file name is package name
    [Show full text]
  • Name Introduction Quick Checklist
    Perl version 5.10.0 documentation - perlmodstyle NAME perlmodstyle - Perl module style guide INTRODUCTION This document attempts to describe the Perl Community's "best practice"for writing Perl modules. It extends the recommendations found in perlstyle , which should be considered required readingbefore reading this document. While this document is intended to be useful to all module authors, it isparticularly aimed at authors who wish to publish their modules on CPAN. The focus is on elements of style which are visible to the users of a module, rather than those parts which are only seen by the module's developers. However, many of the guidelines presented in this documentcan be extrapolated and applied successfully to a module's internals. This document differs from perlnewmod in that it is a style guiderather than a tutorial on creating CPAN modules. It provides achecklist against which modules can be compared to determine whether they conform to best practice, without necessarily describing in detailhow to achieve this. All the advice contained in this document has been gleaned fromextensive conversations with experienced CPAN authors and users. Everypiece of advice given here is the result of previous mistakes. Thisinformation is here to help you avoid the same mistakes and the extrawork that would inevitably be required to fix them. The first section of this document provides an itemized checklist; subsequent sections provide a more detailed discussion of the items on the list. The final section, "Common Pitfalls", describes some of the most popular mistakes made by CPAN authors. QUICK CHECKLIST For more detail on each item in this checklist, see below.
    [Show full text]
  • D4.2: In-Vehicular Antitampering Security
    Ref. Ares(2021)2227326 - 31/03/2021 DIAS Smart Adaptive Remote Diagnostic Antitampering Systems EUROPEAN COMMISSION HORIZON 2020 LC-MG-1-4-2018 Grant agreement ID: 814951 Deliverable No. D4.2 Deliverable Title In-vehicular antitampering security techniques and integration Issue Date 31/03/2021 Dissemination level Public Main Author(s) Genge Béla (UMFST) Lenard Teri (UMFST) Obaid Ur-Rehman (FEV) Miao Zhang (FEV) Liu Cheng (BOSCH) Siegel Bjoern (BOSCH) Roland Bolboacă (UMFST) Haller Piroska (UMFST) DIAS D4.2-In-vehicular antitampering security techniques and integration, v1.0 Sofia Terzi (CERTH) Athanasios Sersemis (CERTH) Charalampos Savvaidis (CERTH) Konstantinos Votis (CERTH) Version v1.0 2 31/03/2021 DIAS D4.2-In-vehicular antitampering security techniques and integration, v1.0 DIAS Consortium This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 814951. This document reflects only the author's view and the Agency is not responsible for any use that may be made of the information it contains. 3 31/03/2021 DIAS D4.2-In-vehicular antitampering security techniques and integration, v1.0 Document log Distributed Version Description Assigned to Date for Draft structure of Structure Reviewer 1: FEV v0.1 20/11/2020 deliverable review Reviewer 2: UMFST Reviewer 1: Sofia Terzi v0.2- Draft content of Content (CERTH) 26/02/2021 v0.4 deliverable reviews Reviewer 2: Dominic Woerner (Bosch IoT) Final content of v0.5 GA check GA members 19/03/2021 deliverable v1.0 First final
    [Show full text]