Angebote zu "Assessment" (57 Treffer)

Kategorien

Shops

Blokdyk, Gerardus: Linux distribution Complete ...
101,49 € *
ggf. zzgl. Versand

Erscheinungsdatum: 16.08.2018, Medium: Taschenbuch, Einband: Kartoniert / Broschiert, Titel: Linux distribution Complete Self-Assessment Guide, Autor: Blokdyk, Gerardus, Verlag: 5STARCooks, Sprache: Englisch, Schlagworte: BUSINESS & ECONOMICS // General, Rubrik: Wirtschaft // Allgemeines, Lexika, Geschichte, Seiten: 284, Informationen: Paperback, Gewicht: 416 gr, Verkäufer: averdo

Anbieter: averdo
Stand: 13.07.2020
Zum Angebot
Blokdyk, Gerardus: Linux Security Complete Self...
90,29 € *
ggf. zzgl. Versand

Erscheinungsdatum: 05.01.2018, Medium: Taschenbuch, Einband: Kartoniert / Broschiert, Titel: Linux Security Complete Self-Assessment Guide, Autor: Blokdyk, Gerardus, Verlag: 5STARCooks, Sprache: Englisch, Schlagworte: BUSINESS & ECONOMICS // General, Rubrik: Wirtschaft // Allgemeines, Lexika, Geschichte, Seiten: 114, Informationen: Paperback, Gewicht: 178 gr, Verkäufer: averdo

Anbieter: averdo
Stand: 13.07.2020
Zum Angebot
Blokdyk, Gerardus: Linux on RISC Complete Self-...
101,49 € *
ggf. zzgl. Versand

Erscheinungsdatum: 30.11.2018, Medium: Taschenbuch, Einband: Kartoniert / Broschiert, Titel: Linux on RISC Complete Self-Assessment Guide, Autor: Blokdyk, Gerardus, Verlag: 5STARCooks, Sprache: Englisch, Schlagworte: BUSINESS & ECONOMICS // General, Rubrik: Wirtschaft // Allgemeines, Lexika, Geschichte, Seiten: 284, Informationen: Paperback, Gewicht: 416 gr, Verkäufer: averdo

Anbieter: averdo
Stand: 13.07.2020
Zum Angebot
Blokdyk, G: Kali Linux Intrusion and Exploitati...
90,39 € *
ggf. zzgl. Versand

Erscheinungsdatum: 05.01.2018, Medium: Taschenbuch, Einband: Kartoniert / Broschiert, Titel: Kali Linux Intrusion and Exploitation Complete Self-Assessment Guide, Autor: Blokdyk, Gerardus, Verlag: 5STARCooks, Sprache: Englisch, Schlagworte: BUSINESS & ECONOMICS // General, Rubrik: Wirtschaft // Allgemeines, Lexika, Geschichte, Seiten: 122, Informationen: Paperback, Gewicht: 189 gr, Verkäufer: averdo

Anbieter: averdo
Stand: 13.07.2020
Zum Angebot
TP-Link TP-Link TL-WR840N N300 WLAN Router
17,78 € *
zzgl. 5,00 € Versand

Mit einer Geschwindigkeit von bis zu 300 Mbit/s stellt TP-LINKs WLAN-Router TL-WR840N ausreichend Bandbreite für verschiedenste Internetbasisanwendungen wie E-Mailen, Chatten und Surfen bereit. Ausgestattet mit zwei externen Antennen für eine optimale Reichweite sowie vier 10/100Mbit/s LAN-Ports ist er der ideale Router für Anwender, die Wert auf ein exzellentes Preis-Leistungs-Verhältnis legen.>Highlights:- Bis zu 300 Mbit/s WLAN-Geschwindigkeit, ideal für Internet-Basisanwendungen- Zwei externe Antennen sorgen für optimale WLAN-Abdeckung und -Reichweite- Einfache WLAN-Sicherheitsverschlüsselung durch Drücken der WPS-Taste- Die IP-basierte Bandbreitenkontrolle IP-QoS ermöglicht eine optimale Zuweisung der Leistungskapazität je Benutzer- Clear Channel Assessment-Technologie wählt automatisch den besten verfügbaren Kanal aus für eine stabilere Verbindung und bessere Leistung- Einfache Installation mit der beigelegten CD> Routereigenschaften- WAN Port 10/100Mbps- Einrichtung Gäste-WLAN möglich- WPS (Wi-Fi Protected Setup) fähig- DHCP-Server integriert- DMZ (Demilitarisierte Zone) möglich- Elternkontrolle (Parent Control)- IPv6 ready> Datenübertragung- WEP- WPA- WPA2> Schnittstellen- WLAN- WLAN Standard IEEE 802.11n- WLAN Standard IEEE 802.11g- WLAN Standard IEEE 802.11b> Antenneneigenschaften- WLAN- 2 Antennen> Systemanschlüsse- Anzahl Ethernet-Ports 10/100 Mbit/s: 4> Stromversorgung- Eingangsspannung: 9 V- Strom: 6 A> Grundeigenschaften- Farbe: Weiß- Höhe: 35 mm- Breite: 182 mm- Tiefe: 128 mm- Produkttyp: Router> Technische Beschreibung- - Frequenz: 2,4 - 2,4835 GHz - Signalrate: Bis zu 300 Mbit/s (11n), bis zu 54Mbit/s (11g), bis zu 11Mbit/s (11b)- Sendeleistung: < 20 dBm (CE), < 30 dBm (FCC)>Systemanforderungen- Windows 2000, XP, Vista, 7, 8, 8.1, 10 - Mac OS - Linux-basierende Betriebssysteme > Lieferumfang- TP-Link TL-WR840N N300 WLAN Router- Netzteil- CD- LAN-Kabel (RJ45)- Schnellinstallationsanleitung

Anbieter: mcbuero
Stand: 13.07.2020
Zum Angebot
Hacking Tools for Computers: A Complete Overvie...
9,95 € *
ggf. zzgl. Versand

Do you want to be a Hacker? Great! Learn to Hack!Hacking is the best way to learn how not to build things. Programmers master programming languages but often leave traces of code that hackers can master to create backdoors. This audiobook explains hacking in an interesting way that will help you master it easily.Hackers often use Linux and Kali for their operations. This audiobook explains everything with command line code in layman terms. Often people get misinformation about hacking from websites and blogs. To master hacking, you need to master tools that does the job. This audiobook exactly deals in this way to help you understand the process of hacking.This audiobook explains about the Installation procedures of Kali Linux and Linux. A detailed description on Linux commands is given along with many examples that will help us understand the techniques we need to master. Along with a brief introduction of Kali Linux, this audiobook will explain us about tools like Nmap an information-gathering tool and Metasploit an exploit creation tool.People often live in workplaces and are surrounded by wireless networks in this generation. A chapter in this audiobook deals solely about Wireless Hacking with a lot of examples. Below we explain the most exciting parts of the audiobook.•Introduction to Linux Operating System•Installation of Linux Distributions using a virtual machine•Introduction to Linux Commands•Explaining about hacking tools in Kali Linux•Information gathering of the target using Nmap•Automatic vulnerability assessment using Nessus•Getting introduced to Netcat utility with a lot of examples•Notes on using password cracking tools•Introduction to John the Ripper•Introduction to Snort tool•A whole chapter dealing about wireless hacking with a lot of examplesEven if you've never make a hack in your life, you can easily learn how to do it.If yo 1. Language: English. Narrator: D. Wolf. Audio sample: http://samples.audible.de/bk/acx0/188928/bk_acx0_188928_sample.mp3. Digital audiobook in aax.

Anbieter: Audible
Stand: 13.07.2020
Zum Angebot
The Art of Software Security Assessment
51,34 € *
ggf. zzgl. Versand

Computer Software is an integral part of modern society. Companies rely on applications to manage client information, payment data, and inventory tracking. Consumers use software for a variety of different reasons as well--to manage their daily lives, to communicate with friends and family, and to browse resources made available on the internet, to name a few. With such a heavy reliance on software in our society, questions surrounding the security of the pieces of software performing these various tasks begin to arise. Is the software we are using really secure? How can we verify that it is? And what are the implications of a particular application being compromised? These are some of the questions that this book attempts to address. This book sheds light on the theory and practice of code auditing--how to rip apart an application and discover security vulnerabilities, whether they be simple or subtle, and how to assess the danger that each vulnerability represents. Product Description "There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications. Coverage includes . Code auditing: theory, practice, proven methodologies, and secrets of the trade . Bridging the gap between secure software design and post-implementation review . Performing architectural assessment: design review, threat modeling, and operational review . Identifying vulnerabilities related to memory management, data types, and malformed data . UNIX/Linux assessment: privileges, files, and processes . Windows-specific issues, including objects and the filesystem . Auditing interprocess communication, synchronization, and state . Evaluating network software: IP stacks, firewalls, and common application protocols . Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129 Backcover "There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications. Coverage includes . Code auditing: theory, practice, proven methodologies, and secrets of the trade . Bridging the gap between secure software design and post-implementation review . Performing architectural assessment: design review, threat modeling, and operational review . Identifying vulnerabilities related to memory management, data types, and malformed data . UNIX/Linux assessment: privileges, files, and processes . Windows-specific issues, including objects and the filesystem . Auditing interprocess communication, synchronization, and state . Evaluating network software: IP stacks, firewalls, and common application protocols . Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129 ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129"There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." - Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications . Coverage includes - Code auditing: theory, practice, proven methodologies, and secrets of the trade - Bridging the gap between secure software design and post-implementation review - Performing architectural assessment: design review, threat modeling, and operational review - Identifying vulnerabilities related to memory management, data types, and malformed data - UNIX/Linux assessment: privileges, files, and processes - Windows-specific issues, including objects and the filesystem - Auditing interprocess communication, synchronization, and state - Evaluating network software: IP stacks, firewalls, and common application protocols - Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891

Anbieter: buecher
Stand: 13.07.2020
Zum Angebot
The Art of Software Security Assessment
51,34 € *
ggf. zzgl. Versand

Computer Software is an integral part of modern society. Companies rely on applications to manage client information, payment data, and inventory tracking. Consumers use software for a variety of different reasons as well--to manage their daily lives, to communicate with friends and family, and to browse resources made available on the internet, to name a few. With such a heavy reliance on software in our society, questions surrounding the security of the pieces of software performing these various tasks begin to arise. Is the software we are using really secure? How can we verify that it is? And what are the implications of a particular application being compromised? These are some of the questions that this book attempts to address. This book sheds light on the theory and practice of code auditing--how to rip apart an application and discover security vulnerabilities, whether they be simple or subtle, and how to assess the danger that each vulnerability represents. Product Description "There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications. Coverage includes . Code auditing: theory, practice, proven methodologies, and secrets of the trade . Bridging the gap between secure software design and post-implementation review . Performing architectural assessment: design review, threat modeling, and operational review . Identifying vulnerabilities related to memory management, data types, and malformed data . UNIX/Linux assessment: privileges, files, and processes . Windows-specific issues, including objects and the filesystem . Auditing interprocess communication, synchronization, and state . Evaluating network software: IP stacks, firewalls, and common application protocols . Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129 Backcover "There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications. Coverage includes . Code auditing: theory, practice, proven methodologies, and secrets of the trade . Bridging the gap between secure software design and post-implementation review . Performing architectural assessment: design review, threat modeling, and operational review . Identifying vulnerabilities related to memory management, data types, and malformed data . UNIX/Linux assessment: privileges, files, and processes . Windows-specific issues, including objects and the filesystem . Auditing interprocess communication, synchronization, and state . Evaluating network software: IP stacks, firewalls, and common application protocols . Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129 ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891 16 NETWORK APPLICATION PROTOCOLS 921 17 WEB APPLICATIONS 1007 18 WEB TECHNOLOGIES 1083 BIBLIOGRAPHY 1125 INDEX 1129"There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." - Halvar Flake, CEO and head of research, SABRE Security GmbH The Definitive Insider's Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications . Coverage includes - Code auditing: theory, practice, proven methodologies, and secrets of the trade - Bridging the gap between secure software design and post-implementation review - Performing architectural assessment: design review, threat modeling, and operational review - Identifying vulnerabilities related to memory management, data types, and malformed data - UNIX/Linux assessment: privileges, files, and processes - Windows-specific issues, including objects and the filesystem - Auditing interprocess communication, synchronization, and state - Evaluating network software: IP stacks, firewalls, and common application protocols - Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES 559 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM 625 12 WINDOWS II: INTERPROCESS COMMUNICATION 685 13 SYNCHRONIZATION AND STATE 755 III Software Vulnerabilities in Practice 14 NETWORK PROTOCOLS 829 15 FIREWALLS 891

Anbieter: buecher
Stand: 13.07.2020
Zum Angebot
The Shellcoder's Handbook
27,94 € *
ggf. zzgl. Versand

- This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application- New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista- Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored- The companion Web site features downloadable code filesThe black hats have kept up with security enhancements. Have you? In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system--with disastrous results. In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs--assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running--and how to better protect them. * Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS * Learn how to write customized tools to protect your systems, not just how to use ready-made ones * Use a working exploit to verify your assessment when auditing a network * Use proof-of-concept exploits to rate the significance of bugs in software you're developing * Assess the quality of purchased security products by performing penetration tests based on the information in this book * Understand how bugs are found and how exploits work at the lowest level

Anbieter: buecher
Stand: 13.07.2020
Zum Angebot