Utility Scripts

InfoSecter provides a number of Perl scripts. In all cases invoking the script with the -help argument print a usage message that explains the script arguments.

• InfoSecter Report Generator (output_report.pl) - Processes the XML analysis results generated by Analyzer and rewrites the results in a basic HTML form. You can use this script as a starting point to generate reports in a form that is most appropriate for your organization.
• InfoSecter Internet Storm Center Expression Builder (isc-build.pl) - Accesses reports on malicious activiity from ports and addresses gathered by the Internet Storm Center and creates an expression file that can be used for Policy Validation with Analyzer. By regularly building and testing against these expressions, you can determine whether your firewall is processing traffic from sources that are showing high levels of malicious activity.
• InfoSecter Packet Capture Expression Builder (pcap-build.pl) - Reads in a packet capture file (pcap) and build an InfoSecter expression that will match all unique instances of the packets that appear in the packet capture file. The resulting expression can be used by Analyzer for Policy Validation. If you are given a packet capture of offending packets, a query report can inform you how the packets in question are being processed by the security device.

InfoSecter Report Generator, InfoSecter Internet Storm Center Expression Builder , and InfoSecter Packet Capture Expression Builder by Network Geographics are licensed under a Creative Commons Attribution-Share Alike 3.0 United States License. Executable versions of the scripts that include the dependent modules are provided for the Windows platform. These executables were generated from the included source by PerlApp from Active State.