Perl is a free![[*]](foot_motif.gif)
programming language, which can be used as a solution for small problems with
very little code, but which can also be extended to very ambitious projects. Perl is one of the few languages which can be, according to the programmer's
needs, non-structured, structured or object oriented --most languages provide
for only one of those styles. For example, it is impossible to write structured
code using Java, and objects are non-existant in C.
One of the most popular ways of cracking into a system is by abusing the network daemons with buffer overflows. Most C programs are at different points vulnerable to this kind of attacks: The attacker sends an unusually large amount of data to the server in a single request, exceeding the predefined space allocated to receive the request, and possibly sneaking into a space meant for code, thus forcing the victim to execute arbitrary code. The effects of such attacks can range from a relatively innocuous crash to an intruder gaining control of our system. Using a wrapper we can completely avoid buffer overflow attacks by limiting the amount of data that reaches the real server. However, in order to do so, the wrapper needs to be extremely careful not to experience a buffer overflow itself -- falling back to the original problem. The author found Perl to be an ideal language for this, because memory is handled by the Perl compiler itself, not by the programmer (as opposed to C, where dynamically allocated memory and fixed size arrays can and very often do respectively lead to memory leaks and buffer overflows).
To implement wrappers, we need a language that makes it easy --optimally, transparent-- to read from and write to the network. Perl do so, thanks to their IO::Socket module. The network can be read from and written to as if it were a code that is file or with the getline and print methods if we prefer using an object-oriented approach.
Having an object-oriented language is definitively desirable. In that way, a base wrapper class can be build and later extended with protocol-specific derived classes --of course, leaving it open for future users to implement any protocol they want to, without having to re-implement or modify the base class. Since version 5, Perl can be programmed in an object-oriented way.