Network Security CISSP-Discussion
Subject: [CISSP-D] REVIEW: "The Software Vulnerability Guide", Herbert H. Thompson/Scott G. Chase
Date: Fri, 03 Feb 2006 12:10:18 -0800
BKSWVLGD.RVW   20051109

"The Software Vulnerability Guide", Herbert H. Thompson/Scott G.
Chase, 2005, 1-58450-358-0, U$49.95/C$64.95
%A   Herbert H. Thompson
%A   Scott G. Chase
%C   403 VFW Drive, PO Box 417, Rockland, MA   02370
%D   2005
%G   1-58450-358-0
%I   Charles River Media
%O   U$49.95/C$64.95 800-382-8505 fax 6178714376 info@charlesriver.com
%O  http://www.amazon.com/exec/obidos/ASIN/1584503580/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1584503580/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1584503580/robsladesin03-20
%O   Audience a- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P   354 p. + CD-ROM
%T   "The Software Vulnerability Guide"

As part one is an introduction to security and vulnerabilities,
chapter one is what would normally be the introduction or preface to
the book.  The content is surprisingly vague about the intention of,
and audience for, the text.  A few security and network topics make up
chapter two.  Miscellaneous security utilities are listed in chapter
three.

Part two looks at system level attacks.  Chapter four examines some
issues with access control and privilege.  Password strength is the
topic of chapter five, but a lot of space is devoted to code for a
cracking program.  Scripts, and some of the ways they can be used
maliciously, are mentioned in chapter six.  Chapter seven examines
some of the ways that the use of dynamic link libraries can affect
security.

Part three reviews data parsing.  Chapter eight contains a clear
explanation of buffer overflows, although it takes a great deal of
space to convey relatively limited information.  An unclear exposition
on proprietary data formats and the corruption of files is in chapter
nine.  The material on format strings, in chapter ten, describes one
particular case involving the lack of strong data typing, malformed
input data, and buffer overflows.  Chapter eleven remarks that integer
overflows can be prevented by testing values at the extremes of
expected ranges.

Part four surveys information disclosure issues.  Chapter twelve says
that passwords should not be stored in plain text and notes some
(rather complicated) ways to test for programs that do make this
mistake.  Dangers in the sloppy use of temporary files are addressed
in chapter thirteen.  The reuse of memory is covered in chapter
fourteen, along with issues of garbage collection.  Chapter fifteen is
supposed to deal with finding memory traces left in the swap file, but
really only searches for text from a deleted file on a floppy disk.

Part five looks at network activity.  Chapter sixteen discusses
various versions of spoofing.  Reducing the amount of information
given in response to probes and errors is suggested in chapter
seventeen.

Part six turns specifically to Web sites.  Chapter eighteen outlines
cross-site scripting, although it does not do well at explaining how
the attack would work in the real world.  Careless programming of the
Common Gateway Interface (CGI) is deplored in chapter nineteen, and a
few other malicious possibilities are explored in twenty.  SQL
injection is outlined in chapter twenty-one.  A grab bag of other Web
issues is in chapter twenty-two.

Part seven finishes off with chapter twenty-three encouraging the
reader to learn from the mistakes of others.

The chapters are very short, and so the material is quite terse.  It
is also poorly structured, and generally far from complete.  In some
cases the content deals at great length with one specific problem in
one specific language, while other more sweeping issues are barely
mentioned.  The security literature is certainly deficient in titles
dealing with the practice of secure programming and development, but
this work, even though it does contain any number of valuable tips,
does not deal with the need for application development security in a
complete and straightforward fashion.

copyright Robert M. Slade, 2005   BKSWVLGD.RVW   20051109


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
Q. What is the difference between a computer salesman and a used
   car salesman?
A. A car salesman knows how to drive, and knows when he's lying.
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade