Book Review: Catalyst, Accelerating Perl Web Application Development

Recently I was contacted by a publisher from Packt publishing about reviewing a couple of books, after a long time (sorry I took so long!) I’m finally finished with my review of the first book, Catalyst: Accelerating Perl Web Application Development. Note that while I was asked, I wasn’t paid for this review, this is my personal opinion.

Firstly, for anyone unfamiliar with Catalyst, Catalyst is a MVC (Model-View-Controller) framework using Perl, for anyone familiar with Ruby on Rails, Catalyst is extremely similar.

The book is written by Jonathan Rockway, who is one of the core team members of the Catalyst team, which gives the book a solid technical background. The book’s text is easy to read and understandable.

Catalyst starts by giving a brief introduction to the MVC methodology and instructions for downloading and installing the Catalyst run-time. One thing to note is that this book is not for readers new to Perl, the book assumes you have a solid knowledge of Perl intricacies and experience using CPAN, which is required to install the multitudes of modules required for Catalyst development. I found that a certain level of problem-solving was required, as not all CPAN modules installed cleanly. I had to force-install a few of the modules and manually resolve a number of dependencies in order to get all the required modules. This barrier to entry might discourage some beginners just starting out with Perl and Catalyst. Other than that, all the installation instructions were very clear.

Developers don’t learn very well with just theory, so Catalyst does a good job of providing a sample application to develop and extend throughout the book. The bulk of the development centers around creating an Address Book application, which is then extended to have features like authentication and AJAX later on during the book. Personally, I’m happy the same application is used, rather than switching applications every chapter. The book does change applications for a couple of chapters (which I find is good, to give a different app’s perspective), then returns to the first application afterwards.

The book discusses a lot of the cool features of Catalyst, such as FormBuilder, templates, REST APIs, Jemplates, AJAX and RSS feeds. The book describes ways to use these features to help speed up development and move away from repetitive code creation. In chapters 8 and 9, testing and deployment are discussed. Personally, I would have liked to see the testing and deployment chapters moved up and integrated into the earlier chapters to enforce a methodology that includes testings from the beginning of development, but I can understand moving it to the end to make entry into the framework a little easier.

One other thing to note, as with almost any programming book, syntax and spelling errors can be killer when attempting to replicate code written in a book, the Catalyst book has a list of errors pertaining to the code in the book, which caused me a great deal of frustration until I looked up the errata. I recommend that anyone use the code example either downloaded from the website or directly from the book take a look and make sure they get the correct syntax. The only other thing I would have liked to see was a chapter on security concerns of the Catalyst framework (being concerned about security myself), I was disappointed they didn’t show up in the book, perhaps in the next edition. I have noticed (from googling for errors I ran into), that Jonathan is very vocal on forums about helping people, so I have no doubt that the syntax errors will be corrected in a future edition :)

Alright, enough blathering from me, here’s the short and sweet summary: This book is great for Perl or Ruby programmers who are already familiar with MVC development and are interested in the Catalyst framework. The book is not exhaustive by any means, and is not overly long (I would say this is a good thing), it provides a very solid foundation to work with, and a developer should be able to develop his/her own app after reading it. If you’re a Ruby developer interested in a Perl alternative to Rails, or if you’re a Perl developer jealous of Rails, I encourage you to check it out.

P.S. I have also posted this review to Amazon here.

April 11, 2008 | Filed Under book, catalyst, framework, mvc, perl, rails, review, script | 4 Comments 

NSM-Console version 0.5 release

smallmonkeyThat’s right, no development release this time around. I’ve been trying to get version 0.5 all finished for the Hex 1.0.3 release, and I’m happy to present the newest NSM-Console release!

Firstly, you can download NSM-Console version 0.5 here:
http://writequit.org/projects/nsm-console/files/nsm-console-0.5.tar.gz

Mirror here:
https://secure.redsphereglobal.com/data/dakrone/files/nsm-console-0.5.tar.gz

Like always, let’s go over some of the new features in this release:

Alias command
You can now alias a command whatever else you would like to, the syntax is the same as regular bash alias syntax, for instance, here are my aliases from my ~/.nsmcrc:
alias ls = list
alias ll = list
alias serv = e cat /etc/services | grep
So as an example, if I wanted to look up a service port, now I just type “serv 5190” and see if /etc/services has an entry for that port. (I have a habit of hitting ‘ll’ or ‘ls’ all the time, so now at least they’re useful)

Additional modules: flowtime and harimau
I added a couple of modules, the first is flowtime, which is a packet timeliner that I wrote about in this post. The second is the Harimau module, which will query the Harimau watchlist for all the IPs in a pcap file and print out the matching entries. Thanks go to Spoonfork and the Security.org.my team for the awesome tool.
Note: flowtime won’t work out of the box in Hex unless you install Argus version 3 (not version 2, which is what Hex comes with) as well as symlink ‘ploticus’ to ‘pl’ somewhere in your path.

Checkip command
Speaking of the Harimau watchlist, it has also been integrated as an NSM-Console command. You can see an example here:
nsm> checkip 209.177.146.34
209.177.146.34,www.emergingthreats.net/rules/bleeding-botcc.rules,botcc,2008-02-05 00:03:10

Module improvements
The snort module now uses the ac-bnfa search algorithm, which should help on systems with lower amounts of RAM (*cough* like my own). In addition, the bro-ids module now actually generates many more helpful reports and actually performs intrusion detection instead of just generating flow content. Some modules have been added to categories to make them easier to toggle.

Other minor improvements
Toggle handles multiple module names, space separated
All NSM-Console errors finally go to STDERR instead of STDOUT
Help command is much more readable and supports argument to get help about a particular command.
~./nsmcrc is read extremely quietly now, so it doesn’t fill up the screen
Bugfixes.

You can read the entire changelog here.

As always, please please please let me know if you have any comments, criticisms or suggestions :) Feel free to email me or leave a comment below.

February 5, 2008 | Filed Under bro-ids, checkip, flowtime, framework, harimau, hex, monitoring, network, nsm, nsm console, ruby, script, security, snort | 3 Comments 

NSM-Console version 0.4 release

smallmonkeyWell, it has barely been any length of time and there’s already a new release of NSM-Console, there are so many features that I’ve been coding like crazy to get them all done. First, let’s start with the downloading:

http://writequit.org/projects/nsm-console/files/nsm-console-0.4.tar.gz

And, for anyone interested, here’s a rundown of the most notable new features:

Additional encoding/decoding options
You can now do uuencode and uudecode using encode and decode. In addition I’ve added octal and char decoding, more to come in the future!

The ‘print’ command (or just ‘p’)
NSM-Console now supports reading and printing pcap file connections as well as payloads in a variety of multiple formats. If you use the ‘print’ or ‘p’ command without any arguments, usage is displayed. You can print just connection information, or you can print the payload in either ascii or hex. The print command also supports ranges, *s and commas. For example, all of these are valid commands:
p -x 100
p -h 10-15
p 100-*
p -x 10,53-64,102,2037-*
To see the print command in more action, take a look at how it is used to decode the sans packet challenge.

Color terminal text
Yep, nsm-console now supports color to brighten up your packet analysis experience :) If you are too dull to enjoy color (or don’t have a terminal that supports it), you can turn it off by using the ‘color off’ command.

Added modules
I’m slowing down for finding modules to easily add, but I still managed to add 2: tcptrace and tcpick. Note that tcpick isn’t installed by default on a Hex 1.0.2 install, so you’ll need to install it yourself. In order to view the graphs generated by tcptrace, you’ll need to install xplot too. (Hopefully these will be included in the next version of Hex)

~/.nsmcrc configuration file
When NSM-Console starts up, it will now check to see if the ~/.nsmcrc file exists, if it does, it will read through it and execute the commands found. For example:

[hinmanm@Euclid] $ cat ~/.nsmcrc
color off
eval $PROMPT="#{$GREEN}nsm#{$RESET}> "
# This is a comment
set honeysnap HOST_LIST 192.168.1.101,192.168.1.102

would set the color to be off, change the prompt to be green (yea, I know, a contradiction, it’s just an example) and set up some of our honeysnap options. Any line starting with a “#” will be ignored as a comment. This should help with some of the tediousness of having the set the same options every time you start up nsm-console.

Bugfixes, always bugfixes
Who doesn’t like bugfixes?

You can see the full list of all the changes in this version here, as well as future TODOs here. I’d like to give a big thanks to Scholar for letting me use his pcap parsing library, this way nsm-console doesn’t depend on any external libraries. Thanks Scholar!

I’ve also set up an NSM-Console wiki page over on the trac, in case you’re having trouble finding any of the information or want to download an older release.

January 16, 2008 | Filed Under analysis, framework, hex, monitoring, monkey, network, nsm, nsm console, packet, ruby, script, security, tcpick, tcptrace | 3 Comments 

NSM-Console version 0.3 release

Yep, I’ve just been cranking out code lately, so I am proud to present the 0.3 release of nsm-console!

You can download NSM-Console here:

http://writequit.org/projects/nsm-console/files/nsm-console-0.3.tar.gz

This release was focused a bit more on usability, features and bugfixes rather than the addition of new modules, however, there were still a couple that were added. Since this release has some pretty big changes, let’s start by going over some of the notable ones:

Read more

January 8, 2008 | Filed Under argus, console, decode, development, encode, fl0p, framework, hex, iploc, lgpl, monitoring, network, nsm, nsm console, opensource, ruby, script, security | 3 Comments 

NSM-console version 0.2 release

I found out there is internet here, so I’m finally able to post some code changes I was working on while on the airplane.

Firstly, download the files here.
The static page for nsm-console is here.

I finally got around to releasing the next version of the nsm-console. This version incorporates a large amount of bug fixes and additional features, first, I’ll start with some of the features I’m the most happy about :) Most of these features are in the new Hex 1.0.2 release which came out yesterday (go download it now!)

The directory functionality and the exec command isn’t in the current Hex release, but hopefully it will be in the next release.

Part of the reason I think nsm-console is neat is the ease of automation you can do using simple text files. For instance, if you created a text file called “automate.txt” and put the following lines in it:

file /pcap/data.pcap
output automated-output
toggle aimsnarf
toggle tcpdstat
toggle chaosreader
run
quit

Then, you can run the command:

./nsm < automate.txt > output.txt

Which will run all the commands in the text file automatically, placing all the output in output.txt, simple eh?

If you have any questions, comments or suggestions, feel free to leave a comment or send an email :) I’d love to hear if/how you’re using nsm-console :)

December 21, 2007 | Filed Under analysis, automation, framework, freebsd, hacking, hex, network, networking, nsm, nsm console, pcap, ruby, script, security | Leave a Comment 

Blog layout/pages update

Just a small update, I finally got around to creating static pages for the important things I’ve posted on my blog. You can view them on the right-hand column of the main page. I’ve created pages for the following projects/topics:

Hopefully this makes it easier to link to a particular project. Take a look and let me know if you find anything missing! I’m hoping to add a link for packages I’ve created soon also!

Also, I’m contemplating future posts, are there any requests for particular posts on a certain topic? More ZFS posts? More security tool posts? More how-to posts? Leave me a comment and let me know!

December 13, 2007 | Filed Under about, aimsnarf, author, blog, blogging, framework, nsm, nsm console, package, packages, programming, ruby | Leave a Comment 

NSM Console – A framework for running things

Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work).

Behold! I present NSM-Console! (read more about it here, watch a screencast here)

Download the framework here.
Keep in mind this framework only includes 3 modules (mostly used just for testing)

NSM-Console in a small (< 500 1000 1500 lines) framework for running nsm modules. Essentially, it’s a framework for running things (but we don’t call it that because it sounds like it wasn’t any work :P ). Here’s the breakdown: Read more

November 27, 2007 | Filed Under aimsnarf, analysis, console, framework, hex, module, nsm, pcap, plugin, ruby, script, security | 2 Comments 

Bad Behavior has blocked 228 access attempts in the last 7 days.