eBooks-it.org Logo
eBooks-IT.org Inner Image

Exploiting Software

How to Break Code

Exploiting Software Image

Book Details:

Publisher:Addison-Wesley Professional
Series: Addison Wesley , How To
Author:Gary McGraw
Edition:1
ISBN-10:0201786958
ISBN-13:9780201786958
Pages:512
Published:Feb 27 2004
Posted:Nov 19 2014
Language:English
Book format:PDF
Book size:7.58 MB

Book Description:

Praise for Exploiting Software 'Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner. This book will help the reader understand how to make software quality part of the designa key change from where we are today! Tony Scott Chief Technology Officer, IS&S General Motors Corporation 'It's about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play. Bruce Schneier Chief Technology Officer Counterpane Author of Beyond Fear and Secrets and Lies 'Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the worm of the day' phenomenon requires that someone other than the bad guys understands how software is attacked. This book is a wake-up call for computer security. Elinor Mills Abreu Reuters' correspondent 'Police investigators study how criminals think and act. Military strategists learn about the enemy's tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the white hats' understand how the black hats' operate. Through extensive examples and attack patterns,' this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect themselves from the other). An excellent book for practicing security engineers, and an ideal book for an undergraduate class in software security. Jeremy Epstein Director, Product Security Performance webMethods, Inc. 'A provocative and revealing book from two leading security experts and world class software exploiters, Exploiting Software enters the mind of the cleverest and wickedest crackers and shows you how they think. It illustrates general principles for breaking software, and provides you a whirlwind tour of techniques for finding and exploiting software vulnerabilities, along with detailed examples from real software exploits. Exploiting Software is essential reading for anyone responsible for placing software in a hostile environmentthat is, everyone who writes or installs programs that run on the Internet. Dave Evans, Ph.D. Associate Professor of Computer Science University of Virginia 'The root cause for most of today's Internet hacker exploits and malicious software outbreaks are buggy software and faulty security software deployment. In Exploiting Software, Greg Hoglund and Gary McGraw help us in an interesting and provocative way to better defend ourselves against malicious hacker attacks on those software loopholes. The information in this book is an essential reference that needs to be understood, digested, and aggressively addressed by IT and information security professionals everywhere. Ken Cutler, CISSP, CISA Vice President, Curriculum Development Professional Services, MIS Training Institute 'This book describes the threats to software in concrete, understandable, and frightening detail. It also discusses how to find these problems before the bad folks do. A valuable addition to every programmer's and security person's library! Matt Bishop, Ph.D. Professor of Computer Science University of California at Davis Author of Computer Security: Art and Science 'Whether we slept through software engineering classes or paid attention, those of us who build things remain responsible for achieving meaningful and measurable vulnerability reductions. If you can't afford to stop all software manufacturing to teach your engineers how to build secure software from the ground up, you should at least increase awareness in your organization by demanding that they read Exploiting Software. This book clearly demonstrates what happens to broken software in the wild. Ron Moritz, CISSP Senior Vice President, Chief Security Strategist Computer Associates 'Exploiting Software is the most up-to-date technical treatment of software security I have seen. If you worry about software and application vulnerability, Exploiting Software is a must-read. This book gets at all the timely and important issues surrounding software security in a technical, but still highly readable and engaging, way. Hoglund and McGraw have done an excellent job of picking out the major ideas in software exploit and nicely organizing them to make sense of the software security jungle. George Cybenko, Ph.D. Dorothy and Walter Gramm Professor of Engineering, Dartmouth Founding Editor-in-Chief, IEEE Security and Privacy 'This is a seductive book. It starts with a simple story, telling about hacks and cracks. It draws you in with anecdotes, but builds from there. In a few chapters you find yourself deep in the intimate details of software security. It is the rare technical book that is a readable and enjoyable primer but has the substance to remain on your shelf as a reference. Wonderful stuff. Craig Miller, Ph.D. Chief Technology Officer for North America Dimension Data 'It's hard to protect yourself if you don't know what you're up against. This book has the details you need to know about how attackers find software holes and exploit themdetails that will help you secure your own systems. Ed Felten, Ph.D. Professor of Computer Science Princeton University 'If you worry about software and application vulnerability, Exploiting Software is a must-read. This book gets at all the timely and important issues surrounding software security in a technical, but still highly readable and engaging way.-George Cybenko, Ph.D. Dorothy and Walter Gramm Professor of Engineering, DartmouthFounding Editor-in-Chief, IEEE Security and Privacy Magazine 'Exploiting Software is the best treatment of any kind that I have seen on the topic of software vulnerabilities.-From the Foreword by Aviel D. Rubin &#1...


Download Link:

Related Books:

Black Hat Physical Device Security

Exploiting Hardware and Software
Black Hat Physical Device Security Image
Black Hat, Inc. is the premier, worldwide provider of security training, consulting, and conferences. In this book the Black Hat experts show readers the types of attacks that can be done to physical devices such as motion detectors, video monitoring and closed circuit systems, authentication systems, thumbprint and voice print devices, retina scans, and more.The Black Hat Briefings held every year in Las Vegas, Washington DC, Amsterdam, and Singapore continually expose the greatest threats to cyber security and provide IT mind leaders with ground breaking defensive techniques. There are no books that show security and networking professionals how to protect physical security devices. This unique book provides step-by-step instructions for assessing ...

The Shellcoder's Handbook

Discovering and Exploiting Security Holes
The Shellcoder's Handbook Image
2nd Edition
This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationNew material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and VistaAlso features the first-ever published information on exploiting Cisco's IOS, with content that has never before been exploredThe companion Web site features downloadable code files...

Physical Database Design

The database professional's guide to exploiting indexes, views, storage, and more
Physical Database Design Image
The rapidly increasing volume of information contained in relational databases places a strain on databases, performance, and maintainability: DBAs are under greater pressure than ever to optimize database structure for system performance and administration. Physical Database Design discusses the concept of how physical structures of databases affect performance, including specific examples, guidelines, and best and worst practices for a variety of DBMSs and configurations. Something as simple as improving the table index design has a profound impact on performance. Every form of relational database, such as Online Transaction Processing (OLTP), Enterprise Resource Management (ERP), Data Mining (DM), or Management Resource Planning (MRP), can be impr...



2007 - 2021 © eBooks-IT.org