Exploiting Software: How to Break Code

by Greg Hoglund (Author), Gary McGraw (Author)

Praise        Exploiting Software “Exploiting Software highlights        most critical part of        software quality problem. As      turns out, software quality problems are      major contributing factor       computer security problems. Increasingly, companies large         small depend       software       run        ir businesses every day. The current approach       software quality         security taken by software companies, system integrators,         internal development organizations      like driving      car on      rainy day          worn-out tires         no air bags. In both cases,        odds        that something bad      going       happen, and        re      no protection for        occupant/owner. This book will help        reader understand how       make software quality part of        design -      key change from where we        today!” - Tony Scott Chief Technology Officer, IS&S General Motors Corporation ~”It’s about time someone wrote      book       teach        good guys what        bad guys already know. As        computer security industry matures, books like Exploiting Software have      critical role       play.” - Bruce Schneier Chief Technology Officer Counterpane Author       Beyond Fear         Secrets         Lies ~”Exploiting Software cuts to        heart of        computer security problem, showing why broken software presents      clear         present danger. Getting past        ‘worm of        day’ phenomenon requires that someone other than        bad guys understands how software      attacked. This book is      wake-up call        computer security.” - Elinor Mills Abreu Reuters’ correspondent ~”Police investigators study how criminals think         act. Military strategists learn about        enemy’s tactics,       well as        ir weapons         personnel capabilities. Similarly, information security professionals need       study        ir criminals         enemies, so we can tell        difference between popguns         weapons       mass destruction. This book is      significant advance      helping        ‘white hats’ understand how        ‘black hats’ operate. Through extensive examples         ‘attack patterns,’ this book helps        reader understand how attackers analyze software         use        results of        analysis       attack systems. Hoglund         McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect        mselves from        other). An excellent book        practicing security engineers,         an ideal book        an undergraduate class      software security.” - Jeremy Epstein Director, Product Security & Performance webMethods, Inc. ~”A provocative         revealing book from two leading security experts         world class software exploiters, Exploiting Software enters        mind of        cleverest         wickedest crackers         shows you how        y think. It illustrates general principles        breaking software,         provides you      whirlwind tour       techniques        finding         exploiting software vulnerabilities, along          detailed examples from real software exploits. Exploiting Software      essential reading        anyone responsible        placing software in      hostile environment - that is, everyone who writes or installs programs that run on        Internet.” - Dave Evans, Ph.D. Associate Professor       Computer Science University       Virginia ~”The root cause        most       today’s Internet hacker exploits         malicious software outbreaks        buggy software         faulty security software deployment. In Exploiting Software, Greg Hoglund         Gary McGraw help us      an interesting         provocative way       better defend ourselves against malicious hacker attacks       those software loopholes. The information      this book      an essential reference that needs       be understood, digested,         aggressively addressed by IT         information security professionals everywhere.” - Ken Cutler, CISSP, CISA Vice President, Curriculum Development & Professional Services, MIS Training Institute ~”This book describes        threats       software      concrete, understandable,         frightening detail. It also discusses how       find        se problems before        bad folks do. A valuable addition       every programmer’s         security person’s library!

512 pages
Publisher: Addison-Wesley Professional (February 27, 2004)
Language: English
ISBN-10: 0201786958
ISBN-13: 978-0201786958

آدرس این کتاب :