| With the development of information technology in21century, it has put an important influence on people’s daily life, which has brought great convenience. However, security problem was arised because of the vulnerability of communication protocol. Among numerous vulnerability scanning tools, Nessus is the most popular one of all, which has strong extensibility and can be applied in many fields.Currently, Nessus is a testing framework which is based on TCP/IP, thus, the compatibility of vulnerability is insufficient for the device which adopts protocol of MAC layer to communicate. In order to solve this problem, this thesis designs a testing framework by using the extensibility of Nessus for NASL language. This framework has some characteristics as follows:1. Rectify the shortage of support for the communication protocol in Nessus’s MAC layer and meet the requirement of sending specific message to those communication device based on MAC protocol by using this framework.2. This framework is absolutely transparent to developers of Plugin. It can create specific testing messages with MAC layer by using the extensibility of Nessus’s Plugin and the NASL method without changing original Plugin’s syntax.3. This framework is absolutely transparent to protocol testers. It performs detection for specific communication device with MAC layer by making best use of original testing framework and flow of Nessus and selecting finished Plugin without changing original usage mode. |
PDF Full Text Request