Picture 1 of 1

Stock photo

Exploiting Software : How to Break Code by Karen Karen Gettman, Greg Hoglund and - Picture 1 of 1

Exploiting Software : How to Break Code by Greg Hoglund, Karen Karen Gettman and Gary McGraw (2004, Trade Paperback)

igor017 (465)

100% positive Feedback

Price:

US $15.00

Approximately£11.24

+ $19.88 postage

Estimated delivery Mon, 11 Aug - Fri, 22 Aug

Returns:

30 days return. Buyer pays for return postage. If you use an eBay delivery label, it will be deducted from your refund amount.

Condition:

New

Exploiting Software : How to Break Code by Karen Karen Gettman, Greg Hoglund and.

About this product

Product Identifiers

PublisherAddison Wesley Professional

ISBN-100201786958

ISBN-139780201786958

eBay Product ID (ePID)6062117

Product Key Features

Number of Pages512 Pages

Publication NameExploiting Software : How to Break Code

LanguageEnglish

SubjectSoftware Development & Engineering / Quality Assurance & Testing, Networking / Vendor Specific, Security / General

Publication Year2004

TypeTextbook

AuthorGreg Hoglund, Karen Karen Gettman, Gary Mcgraw

Subject AreaComputers

FormatTrade Paperback

Dimensions

Item Height1 in

Item Weight31.1 Oz

Item Length9.3 in

Item Width7.6 in

Additional Product Features

Intended AudienceScholarly & Professional

LCCN2003-025556

Dewey Edition22

Number of Volumes3 vols.

IllustratedYes

Dewey Decimal005.8

Table Of ContentAttack Patterns. Foreword. Preface. What This Book Is About. How to Use This Book. But Isn't This Too Dangerous? Acknowledgments. 1. Software--The Root of the Problem. A Brief History of Software. Bad Software Is Ubiquitous. The Trinity of Trouble. The Future of Software. What Is Software Security? Conclusion. 2. Attack Patterns. A Taxonomy. An Open-Systems View. Tour of an Exploit. Attack Patterns: Blueprints for Disaster. An Example Exploit: Microsoft's Broken C++ Compiler. Applying Attack Patterns. Attack Pattern Boxes. Conclusion. 3. Reverse Engineering and Program Understanding. Into the House of Logic. Should Reverse Engineering Be Illegal? Reverse Engineering Tools and Concepts. Methods of the Reverser. Writing Interactive Disassembler (IDA) Plugins. Decompiling and Disassembling Software. Decompilation in Practice: Reversing helpctr.exe. Automatic, Bulk Auditing for Vulnerabilities. Writing Your Own Cracking Tools. Building a Basic Code Coverage Tool. Conclusion. 4. Exploiting Server Software. The Trusted Input Problem. The Privilege Escalation Problem. Finding Injection Points. Input Path Tracing. Exploiting Trust through Configuration. Specific Techniques and Attacks for Server Software. Conclusion. 5. Exploiting Client Software. Client-side Programs as Attack Targets. In-band Signals. Cross-site Scripting (XSS). Clients Scripts and Malicious Code. Content-Based Attacks. Backwash Attacks: Leveraging Client-side Buffer. Conclusion. 6. Crafting (Malicious) Input. The Defender's Dilemma.

SynopsisPraise for Exploiting Software " Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner. This book will help the reader understand how to make software quality part of the design--a key change from where we are today " -- Tony Scott Chief Technology Officer, IS&S General Motors Corporation "It's about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play." -- Bruce Schneier Chief Technology Officer Counterpane Author of Beyond Fear and Secrets and Lies " Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the 'worm of the day' phenomenon requires that someone other than the bad guys understands how software is attacked. This book is a wake-up call for computer security." -- Elinor Mills Abreu Reuters' correspondent "Police investigators study how criminals think and act. Military strategists learn about the enemy's tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the 'white hats' understand how the 'black hats' operate. Through extensive examples and 'attack patterns, ' this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect themselves from the other). An excellent book for practicing security engineers, and an ideal book for an undergraduate class in software security." -- Jeremy Epstein Director, Product Security & Performance webMethods, Inc. "A provocative and revealing book from two leading security experts and world class software exploiters, Exploiting Software enters the mind of the cleverest and wickedest crackers and shows you how they think. It illustrates general principles for breaking software, and provides you a whirlwind tour of techniques for finding and expl, Using attack patterns, real code, and example exploits, students learn techniques that are used by real malicious hackers against software. The author team show to break code--if students want to protect software from attack, they must first learn how real attacks are really carried out.

LC Classification NumberQA76.9.A25H635 2004