did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780321444424

The Art of Software Security Assessment Identifying and Preventing Software Vulnerabilities

by ; ;
  • ISBN13:

    9780321444424

  • ISBN10:

    0321444426

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2006-11-20
  • Publisher: Addison-Wesley Professional
  • Purchase Benefits
List Price: $79.99 Save up to $8.00
  • Digital
    $71.99
    Add to Cart

    DURATION
    PRICE

Supplemental Materials

What is included with this book?

Summary

"There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake,CEO and head of research, SABRE Security GmbH The Definitive Insiderrs"s Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written.The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessmentcovers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real codedrawn from past flaws in many of the industry's highest-profile applications. Coverage includes bull; Code auditing: theory, practice, proven methodologies, and secrets of the trade bull; Bridging the gap between secure software design and post-implementation review bull; Performing architectural assessment: design review, threat modeling, and operational review bull; Identifying vulnerabilities related to memory management, data types, and malformed data bull; UNIX/Linux assessment: privileges, files, and processes bull; Windows-specific issues, including objects and the filesystem bull; Auditing interprocess communication, synchronization, and state bull; Evaluating network software: IP stacks, firewalls, and common application protocols bull; Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES &n

Author Biography

Mark Dowd, currently a principal security architect at McAfee, Inc. John McDonald, a senior consultant for Neohapsis, Inc. Justin Schuh is currently a senior consultant and the application security practice lead for Neohapsis, Inc.

Table of Contents

About the Authors xv
Preface xvii
Acknowledgments xxi
I. Introduction to Software Security Assessment
Software Vulnerability Fundamentals
3(22)
Introduction
3(1)
Vulnerabilities
4(5)
Security Policies
5(2)
Security Expectations
7(2)
The Necessity of Auditing
9(5)
Auditing Versus Black Box Testing
11(2)
Code Auditing and the Development Life Cycle
13(1)
Classifying Vulnerabilities
14(4)
Design Vulnerabilities
14(1)
Implementation Vulnerabilities
15(1)
Operational Vulnerabilities
16(1)
Gray Areas
17(1)
Common Threads
18(5)
Input and Data Flow
18(1)
Trust Relationships
19(1)
Assumptions and Misplaced Trust
20(1)
Interfaces
21(1)
Environmental Attacks
21(1)
Exceptional Conditions
22(1)
Summary
23(2)
Design Review
25(42)
Introduction
25(1)
Software Design Fundamentals
26(10)
Algorithms
26(1)
Abstraction and Decomposition
27(1)
Trust Relationships
28(3)
Principles of Software Design
31(2)
Fundamental Design Flaws
33(3)
Enforcing Security Policy
36(13)
Authentication
36(2)
Authorization
38(2)
Accountability
40(1)
Confidentiality
41(4)
Integrity
45(3)
Availability
48(1)
Threat Modeling
49(17)
Information Collection
50(3)
Application Architecture Modeling
53(6)
Threat Identification
59(3)
Documentation of Findings
62(3)
Prioritizing the Implementation Review
65(1)
Summary
66(1)
Operational Review
67(24)
Introduction
67(1)
Exposure
68(5)
Attack Surface
68(1)
Insecure Defaults
69(1)
Access Control
69(1)
Unnecessary Services
70(1)
Secure Channels
71(1)
Spoofing and Identification
72(1)
Network Profiles
73(1)
Web-Specific Considerations
73(3)
HTTP Request Methods
73(1)
Directory Indexing
74(1)
File Handlers
74(1)
Authentication
75(1)
Default Site Installations
75(1)
Overly Verbose Error Messages
75(1)
Public-Facing Administrative Interfaces
76(1)
Protective Measures
76(13)
Development Measures
76(3)
Host-Based Measures
79(4)
Network-Based Measures
83(6)
Summary
89(2)
Application Review Process
91(76)
Introduction
91(1)
Overview of the Application Review Process
92(1)
Rationale
92(1)
Process Outline
93(1)
Preassessment
93(4)
Scoping
94(1)
Application Access
95(1)
Information Collection
96(1)
Application Review
97(9)
Avoid Drowning
98(1)
Iterative Process
98(1)
Initial Preparation
99(2)
Plan
101(2)
Work
103(2)
Reflect
105(1)
Documentation and Analysis
106(2)
Reporting and Remediation Support
108(1)
Code Navigation
109(2)
External Flow Sensitivity
109(2)
Tracing Direction
111(1)
Code-Auditing Strategies
111(22)
Code Comprehension Strategies
113(6)
Candidate Point Strategies
119(9)
Design Generalization Strategies
128(5)
Code-Auditing Techniques
133(14)
Internal Flow Analysis
133(2)
Subsystem and Dependency Analysis
135(1)
Rereading Code
136(1)
Desk-Checking
137(2)
Test Cases
139(8)
Code Auditor's Toolbox
147(11)
Source Code Navigators
148(3)
Debuggers
151(4)
Binary Navigation Tools
155(2)
Fuzz-Testing Tools
157(1)
Case Study: OpenSSH
158(6)
Preassessment
159(2)
Implementation Analysis
161(1)
High-Level Attack Vectors
162(2)
Documentation of Findings
164(1)
Summary
164(3)
II. Software Vulnerabilities
Memory Corruption
167(36)
Introduction
167(1)
Buffer Overflows
168(19)
Process Memory Layout
169(1)
Stack Overflows
169(11)
Off-by-One Errors
180(3)
Heap Overflows
183(3)
Global and Static Data Overflows
186(1)
Shellcode
187(2)
Writing the Code
187(1)
Finding Your Code in Memory
188(1)
Protection Mechanisms
189(7)
Stack Cookies
190(1)
Heap Implementation Hardening
191(2)
Nonexecutable Stack and Heap Protection
193(1)
Address Space Layout Randomization
194(1)
SafeSEH
194(1)
Function Pointer Obfuscation
195(1)
Assessing Memory Corruption Impact
196(6)
Where Is the Buffer Located in Memory?
197(1)
What Other Data Is Overwritten?
197(1)
How Many Bytes Can Be Overwritten?
198(1)
What Data Can Be Used to Corrupt Memory?
199(2)
Are Memory Blocks Shared?
201(1)
What Protections Are in Place?
202(1)
Summary
202(1)
C Language Issues
203(94)
Introduction
203(1)
C Language Background
204(1)
Data Storage Overview
204(7)
Binary Encoding
207(2)
Byte Order
209(1)
Common Implementations
209(2)
Arithmetic Boundary Conditions
211(12)
Unsigned Integer Boundaries
213(7)
Signed Integer Boundaries
220(3)
Type Conversions
223(23)
Overview
224(1)
Conversion Rules
225(6)
Simple Conversions
231(2)
Integer Promotions
233(2)
Integer Promotion Applications
235(3)
Usual Arithmetic Conversions
238(4)
Usual Arithmetic Conversion Applications
242(2)
Type Conversion Summary
244(2)
Type Conversion Vulnerabilities
246(25)
Signed/Unsigned Conversions
246(2)
Sign Extension
248(11)
Truncation
259(6)
Comparisons
265(6)
Operators
271(6)
The sizeof Operator
271(1)
Unexpected Results
272(5)
Pointer Arithmetic
277(5)
Pointer Overview
277(1)
Pointer Arithmetic Overview
278(2)
Vulnerabilities
280(2)
Other C Nuances
282(14)
Order of Evaluation
282(2)
Structure Padding
284(3)
Precedence
287(1)
Macros/Preprocessor
288(1)
Typos
289(7)
Summary
296(1)
Program Building Blocks
297(90)
Introduction
297(1)
Auditing Variable Use
298(28)
Variable Relationships
298(9)
Structure and Object Mismanagement
307(5)
Variable Initialization
312(4)
Arithmetic Boundaries
316(3)
Type Confusion
319(2)
Lists and Tables
321(5)
Auditing Control Flow
326(13)
Looping Constructs
327(9)
Flow Transfer Statements
336(1)
Switch Statements
337(2)
Auditing Functions
339(23)
Function Audit Logs
339(1)
Return Value Testing and Interpretation
340(11)
Function Side-Effects
351(9)
Argument Meaning
360(2)
Auditing Memory Management
362(23)
ACC Logs
362(7)
Allocation Functions
369(8)
Allocator Scorecards and Error Domains
377(2)
Double-Frees
379(6)
Summary
385(2)
Strings and Metacharacters
387(72)
Introduction
387(1)
C String Handling
388(19)
Unbounded String Functions
388(5)
Bounded String Functions
393(7)
Common Issues
400(7)
Metacharacters
407(11)
Embedded Delimiters
408(3)
NUL Character Injection
411(3)
Truncation
414(4)
Common Metacharacter Formats
418(16)
Path Metacharacters
418(4)
C Format Strings
422(3)
Shell Metacharacters
425(4)
Perl open()
429(2)
SQL Queries
431(3)
Metacharacter Filtering
434(12)
Eliminating Metacharacters
434(5)
Escaping Metacharacters
439(2)
Metacharacter Evasion
441(5)
Character Sets and Unicode
446(11)
Unicode
446(4)
Windows Unicode Functions
450(7)
Summary
457(2)
Unix I: Privileges and Files
459(100)
Introduction
459(1)
Unix 101
460(4)
Users and Groups
461(1)
Files and Directories
462(2)
Processes
464(1)
Privilege Model
464(13)
Privileged Programs
466(2)
User ID Functions
468(7)
Group ID Functions
475(2)
Privilege Vulnerabilities
477(17)
Reckless Use of Privileges
477(2)
Dropping Privileges Permanently
479(7)
Dropping Privileges Temporarily
486(2)
Auditing Privilege-Management Code
488(3)
Privilege Extensions
491(3)
File Security
494(18)
File IDs
494(1)
File Permissions
495(3)
Directory Permissions
498(1)
Privilege Management with File Operations
499(1)
File Creation
500(3)
Directory Safety
503(1)
Filenames and Paths
503(4)
Dangerous Places
507(1)
Interesting Files
508(4)
File Internals
512(3)
File Descriptors
512(1)
Inodes
513(1)
Directories
514(1)
Links
515(11)
Symbolic Links
515(7)
Hard Links
522(4)
Race Conditions
526(12)
TOCTOU
527(1)
The stat() Family of Functions
528(4)
File Race Redux
532(1)
Permission Races
533(1)
Ownership Races
534(1)
Directory Races
535(3)
Temporary Files
538(9)
Unique File Creation
538(6)
File Reuse
544(2)
Temporary Directory Cleaners
546(1)
The Stdio File Interface
547(10)
Opening a File
548(2)
Reading from a File
550(5)
Writing to a File
555(1)
Closing a File
556(1)
Summary
557(2)
Unix II: Processes
559(66)
Introduction
559(1)
Processes
560(5)
Process Creation
560(2)
fork() Variants
562(1)
Process Termination
562(1)
fork() and Open Files
563(2)
Program Invocation
565(7)
Direct Invocation
565(5)
Indirect Invocation
570(2)
Process Attributes
572(39)
Process Attribute Retention
573(1)
Resource Limits
574(6)
File Descriptors
580(11)
Environment Arrays
591(18)
Process Groups, Sessions, and Terminals
609(2)
Interprocess Communication
611(7)
Pipes
612(1)
Named Pipes
612(2)
System VIPC
614(1)
UNIX Domain Sockets
615(3)
Remote Procedure Calls
618(6)
RPC Definition Files
619(3)
RPC Decoding Routines
622(1)
Authentication
623(1)
Summary
624(1)
Windows I: Objects and the File System
625(60)
Introduction
625(1)
Background
626(1)
Objects
627(9)
Object Namespaces
629(3)
Object Handles
632(4)
Sessions
636(11)
Security IDs
637(1)
Logon Rights
638(1)
Access Tokens
639(8)
Security Descriptors
647(7)
Access Masks
648(1)
ACL Inheritance
649(1)
Security Descriptors Programming Interfaces
649(3)
Auditing ACL Permissions
652(2)
Processes and Threads
654(5)
Process Loading
654(1)
ShellExecute and ShellExecuteEx
655(1)
DLL Loading
656(2)
Services
658(1)
File Access
659(21)
File Permissions
659(2)
The File I/O API
661(15)
Links
676(4)
The Registry
680(4)
Key Permissions
681(1)
Key and Value Squatting
682(2)
Summary
684(1)
Windows II: Interprocess Communication
685(70)
Introduction
685(1)
Windows IPC Security
686(3)
The Redirector
686(2)
Impersonation
688(1)
Window Messaging
689(9)
Window Stations Object
690(1)
The Desktop Object
690(1)
Window Messages
691(3)
Shatter Attacks
694(3)
DDE
697(1)
Terminal Sessions
697(1)
Pipes
698(7)
Pipe Permissions
698(1)
Named Pipes
699(1)
Pipe Creation
699(1)
Impersonation in Pipes
700(3)
Pipe Squatting
703(2)
Mailslots
705(1)
Mailslots Permissions
705(1)
Mailslot Squatting
706(1)
Remote Procedure Calls
706(19)
RPC Connections
706(1)
RPC Transports
707(1)
Microsoft Interface Definition Language
708(1)
IDL File Structure
708(2)
Application Configuration Files
710(1)
RPC Servers
711(5)
Impersonation in RPC
716(2)
Context Handles and State
718(3)
Threading in RPC
721(1)
Auditing RPC Applications
722(3)
COM
725(29)
COM: A Quick Primer
725(6)
DCOM Configuration Utility
731(1)
DCOM Application Identity
732(1)
DCOM Subsystem Access Permissions
733(1)
DCOM Access Controls
734(2)
Impersonation in DCOM
736(2)
MIDL Revisited
738(2)
Active Template Library
740(1)
Auditing DCOM Applications
741(8)
ActiveX Security
749(5)
Summary
754(1)
Synchronization and State
755(74)
Introduction
755(1)
Synchronization Problems
756(6)
Reentrancy and Asynchronous-Safe Code
757(2)
Race Conditions
759(1)
Starvation and Deadlocks
760(2)
Process Synchronization
762(21)
System V Process Synchronization
762(3)
Windows Process Synchronization
765(5)
Vulnerabilities with Interprocess Synchronization
770(13)
Signals
783(27)
Sending Signals
786(1)
Handling Signals
786(2)
Jump Locations
788(3)
Signal Vulnerabilities
791(18)
Signals Scoreboard
809(1)
Threads
810(15)
PThreads API
811(2)
Windows API
813(2)
Threading Vulnerabilities
815(10)
Summary
825(4)
III. Software Vulnerabilities in Practice
Network Protocols
829(62)
Introduction
829(2)
Internet Protocol
831(32)
IP Addressing Primer
832(2)
IP Packet Structures
834(2)
Basic IP Header Validation
836(8)
IP Options Processing
844(7)
Source Routing
851(2)
Fragmentation
853(10)
User Datagram Protocol
863(1)
Basic UDP Header Validation
864(1)
UDP Issues
864(1)
Transmission Control Protocol
864(26)
Basic TCP Header Validation
866(1)
TCP Options Processing
867(2)
TCP Connections
869(3)
TCP Streams
872(8)
TCP Processing
880(10)
Summary
890(1)
Firewalls
891(30)
Introduction
891(1)
Overview of Firewalls
892(4)
Proxy Versus Packet Filters
893(2)
Attack Surface
895(1)
Proxy Firewalls
895(1)
Packet-Filtering Firewalls
896(1)
Stateless Firewalls
896(9)
TCP
896(3)
UDP
899(2)
FTP
901(1)
Fragmentation
902(3)
Simple Stateful Firewalls
905(4)
TCP
905(1)
UDP
906(1)
Directionality
906(1)
Fragmentation
907(2)
Stateful Inspection Firewalls
909(5)
Layering Issues
911(3)
Spoofing Attacks
914(6)
Spoofing from a Distance
914(3)
Spoofing Up Close
917(2)
Spooky Action at a Distance
919(1)
Summary
920(1)
Network Application Protocols
921(86)
Introduction
921(1)
Auditing Application Protocols
922(15)
Collect Documentation
922(1)
Identify Elements of Unknown Protocols
923(4)
Match Data Types with the Protocol
927(8)
Data Verification
935(1)
Access to System Resources
935(2)
Hypertext Transfer Protocol
937(11)
Header Parsing
937(3)
Accessing Resources
940(1)
Utility Functions
941(1)
Posting Data
942(6)
Internet Security Association and Key Management Protocol
948(24)
Payloads
952(4)
Payload Types
956(15)
Encryption Vulnerabilities
971(1)
Abstract Syntax Notation (ASN.1)
972(12)
Basic Encoding Rules
975(1)
Canonical Encoding and Distinguished Encoding
976(1)
Vulnerabilities in BER, CER, and DER Implementations
977(2)
Packed Encoding Rules (PER)
979(4)
XML Encoding Rules
983(1)
XER Vulnerabilities
984(1)
Domain Name System
984(21)
Domain Names and Resource Records
984(2)
Name Servers and Resolvers
986(1)
Zones
987(1)
Resource Record Conventions
988(1)
Basic Use Case
989(1)
DNS Protocol Structure Primer
990(3)
DNS Names
993(3)
Length Variables
996(6)
DNS Spoofing
1002(3)
Summary
1005(2)
Web Applications
1007(76)
Introduction
1007(1)
Web Technology Overview
1008(6)
The Basics
1009(1)
Static Content
1009(1)
CGI
1009(1)
Web Server APIs
1010(1)
Server-Side Includes
1011(1)
Server-Side Transformation
1012(1)
Server-Side Scripting
1013(1)
HTTP
1014(13)
Overview
1014(3)
Versions
1017(1)
Headers
1018(2)
Methods
1020(2)
Parameters and Forms
1022(5)
State and HTTP Authentication
1027(13)
Overview
1028(1)
Client IP Addresses
1029(1)
Referer Request Header
1030(2)
Embedding State in HTML and URLs
1032(1)
HTTP Authentication
1033(3)
Cookies
1036(2)
Sessions
1038(2)
Architecture
1040(4)
Redundancy
1040(1)
Presentation Logic
1040(1)
Business Logic
1041(1)
N-Tier Architectures
1041(2)
Business Tier
1043(1)
Web Tier: Model-View-Controller
1044(2)
Problem Areas
1046(14)
Client Visibility
1046(1)
Client Control
1047(1)
Page Flow
1048(1)
Sessions
1049(7)
Authentication
1056(1)
Authorization and Access Control
1057(1)
Encryption and SSL/TLS
1058(1)
Phishing and Impersonation
1059(1)
Common Vulnerabilities
1060(15)
SQL Injection
1061(5)
OS and File System Interaction
1066(3)
XML Injection
1069(1)
XPath Injection
1070(1)
Cross-Site Scripting
1071(3)
Threading Issues
1074(1)
C/C++ Problems
1075(1)
Harsh Realities of the Web
1075(3)
Auditing Strategy
1078(3)
Summary
1081(2)
Web Technologies
1083(42)
Introduction
1083(1)
Web Services and Service-Oriented Architecture
1084(2)
SOAP
1085(1)
REST
1085(1)
AJAX
1085(1)
Web Application Platforms
1086(1)
CGI
1086(7)
Indexed Queries
1086(1)
Environment Variables
1087(4)
Path Confusion
1091(2)
Perl
1093(3)
SQL Injection
1093(1)
File Access
1094(1)
Shell Invocation
1095(1)
File Inclusion
1095(1)
Inline Evaluation
1095(1)
Cross-Site Scripting
1096(1)
Taint Mode
1096(1)
PHP
1096(9)
SQL Injection
1097(1)
File Access
1098(1)
Shell Invocation
1099(2)
File Inclusion
1101(1)
Inline Evaluation
1101(2)
Cross-Site Scripting
1103(1)
Configuration
1104(1)
Java
1105(8)
SQL Injection
1106(1)
File Access
1107(1)
Shell Invocation
1108(1)
File Inclusion
1108(1)
JSP File Inclusion
1109(1)
Inline Evaluation
1110(1)
Cross-Site Scripting
1110(1)
Threading Issues
1111(1)
Configuration
1112(1)
ASP
1113(5)
SQL Injection
1113(2)
File Access
1115(1)
Shell Invocation
1115(1)
File Inclusion
1116(1)
Inline Evaluation
1117(1)
Cross-Site Scripting
1118(1)
Configuration
1118(1)
ASP.NET
1118(5)
SQL Injection
1118(1)
File Access
1119(1)
Shell Invocation
1120(1)
File Inclusion
1120(1)
Inline Evaluation
1121(1)
Cross-Site Scripting
1121(1)
Configuration
1121(1)
ViewState
1121(2)
Summary
1123(2)
Bibliography 1125(4)
Index 1129

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Excerpts

Preface Preface "If popular culture has taught us anything, it is that someday mankind must face and destroy the growing robot menace." Daniel H. Wilson, How to Survive a Robot Uprising The past several years have seen huge strides in computer security, particularly in the field of software vulnerabilities. It seems as though every stop at the bookstore introduces a new title on topics such as secure development or exploiting software. Books that cover application security tend to do so from the perspective of software designers and developers and focus on techniques to prevent software vulnerabilities from occurring in applications. These techniques start with solid security design principles and threat modeling and carry all the way through to implementation best practices and defensive programming strategies. Although they serve as strong defensive foundations for application development, these resources tend to give little treatment to the nature of vulnerabilities; instead, they focus on how to avoid them. What's more, every development team can't start rebuilding a secure application from the ground up. Real people have to deal with huge existing codebases, in-place applications, and limited time and budget. Meanwhile, the secure coding mantra seems to be "If it smells bad, throw it out." That's certainly necessary in some cases, but often it's too expensive and time consuming to be reasonable. So you might turn your attention to penetration testing and ethical hacking instead. A wide range of information on this topic is available, and it's certainly useful for the acid test of a software system. However, even the most technically detailed resources have a strong focus on exploit development and little to no treatment on how to find vulnerabilities in the first place. This still leaves the hanging question of how to find issues in an existing application and how to get a reasonable degree of assurance that a piece of software is safe. This problem is exactly the one faced by those in the field of professional software security assessment. People are growing more concerned with building and testing secure systems, but very few resources address the practice of finding vulnerabilities. After all, this process requires a deep technical understanding of some very complex issues and must include a systematic approach to analyzing an application. Without formally addressing how to find vulnerabilities, the software security industry has no way of establishing the quality of a software security assessment or training the next generation in the craft. We have written this book in the hope of answering these questions and to help bridge the gap between secure software development and practical post-implementation reviews. Although this book is aimed primarily at consultants and other security professionals, much of the material will have value to the rest of the IT community as well. Developers can gain insight into the subtleties and nuances of how languages and operating systems work and how those features can introduce vulnerabilities into an application that otherwise appears secure. Quality assurance (QA) personnel can use some of the guidelines in this book to ensure the integrity of in-house software and cut down on the likelihood of their applications being stung by a major vulnerability. Administrators can find helpful guidelines for evaluating the security impact of applications on their networks and use this knowledge to make better decisions about future deployments. Finally, hobbyists who are simply interested in learning more about how to assess applications will find this book an invaluable resource (we hope!) for getting started in application security review or advancing their current skill sets. Prerequisites The majority of this book has been targeted at a level that any moderately experienced developer should find approachable. This means you need to be fairly comfortable with at least one programming language, and ideally, you should be familiar with basic C/C++ programming. At several stages throughout the book, we use Intel assembly examples, but we have attempted to keep them to a minimum and translate them into approximate C code when possible. We have also put a lot of effort into making the material as platform neutral as possible, although we do cover platform specifics for the most common operating systems. When necessary, we have tried to include references to additional resources that provide background for material that can't be covered adequately in this book. How to Use This Book Before we discuss the use of this book, we need to introduce its basic structure. The book is divided into three different parts: Part I: Introduction to Software Security Assessment (Chapters 1-4)--These chapters introduce the practice of code auditing and explain how it fits into the software development process. You learn about the function of design review, threat modeling, and operational review--tools that are useful for evaluating an application as a whole, and not just the code. Finally, you learn some generic high-level methods for performing a code review on any application, regardless of its function or size. Part II: Software Vulnerabilities (Chapters 5-13)--These chapters shift the focus of the book toward practical implementation review and address how to find specific vulnerabilities in an application's codebase. Major software vulnerability classes are described, and you learn how to discover high-risk security flaws in an application. Numerous real-world examples of security vulnerabilities are given to help you get a feel for what software bugs look like in real code. Part III: Software Vulnerabilities in Practice (Chapters 14-18)--The final portion of the book turns your attention toward practical uses of lessons learned from the earlier chapters. These chapters describe a number of common application classes and the types of bugs they tend to be vulnerable to. They also show you how to apply the technical knowledge gained from Part II to real-world applications. Specifically, you look at networking, firewalling technologies, and Web technologies. Each chapter in this section introduces the common frameworks and designs of each application class and identifies where flaws typically occur. You'll get the most value if you read this book straight through at least once so that you can get a feel for the material. This approach is best because we have tried to use each section as an opportunity to highlight techniques and tools that help you in performing application assessments. In particular, you should pay attention to the sidebars and notes we use to sum up the more important concepts in a section. Of course, busy schedules and impending deadlines can have a serious impact on your time. To that end, we want to lay out a few tracks of focus for different types of reviews. However, you should start with Part 1 (Chapters 1-4) because it establishes a foundation for the rest of the book. After that, you can branch out to the following chapters: UNIX track (Chapters 5-10, 13)--This chapter track starts off by covering common software vulnerability classes, such as memory corruption, program control flow, and specially formatted data. Then UNIX-centered security problems that arise because of quirks in the various UNIX operating systems are addressed. Finally, this track ends with coverage of synchronization vulnerabilities common to most platforms. Windows track (Chapters 5-8, 11-13)--This track starts off similarly to the UNIX track, by covering platform-neutral security problems. Then two chapters specifically address Windows APIs and their rela

Rewards Program