Olivier Langlois's blog

A C++ programmer blog from Montreal, QC
Home
Fractals
Tutorials
Books
Archive
My blog
My LinkedIn Profile

BOOKS i'm reading

Cryptography engineering, Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, ISBN: 9780470474242
Advanced Programming in the UNIX(R) Environment (2nd Edition), W. Richard Stevens, Stephen A. Rago, ISBN:0201433079
Trading For a Living, Alexander Elder, ISBN:0471592242

mailto:olivier@olivierlanglois.net

Hunting Security Bugs

06/20/07

Permalink 09:39:22 pm, by lano1106 Email , 202 words, 274 views   English (CA)
Categories: Software security, Software security

Hunting Security Bugs

Hunting Security Bugs, Tom Gallagher, Lawrence Landauer, Bryan Jeffries, ISBN: 073562187X

Beside Bruce Schneier books, this is the second software security book that I am reading. The first being Building Secure Software: How to Avoid Security Problems the Right Way and I have prefered this one because it provides more concrete examples. The book consists of over 20 chapters covering different security areas. As a software developer, some chapters appeared less relevent and less interesting to me and I guess that it is because these chapters are geared principally toward testers.

However, at least 2 chapters should be extremely interesting and valuable to developers like myself. It is the chapters that demonstrate with step by step tutorials how a hacker would do to exploit buffer overflow and format string problems. I was already familiar with buffer overflows and I had read a similar chapter about them in Building Secure Software: How to Avoid Security Problems the Right Way but the format string exploits were new to me.

As expected since the book is published by Microsoft Press, the book has a strong bias torward Microsoft products (ie.: .NET and ActiveX controls security) but the presented topics are general enough to make this book very valuable even for users of other OSes and/or development tools.

PermalinkPermalink Leave a comment

Comments, Pingbacks:

No Comments/Pingbacks for this post yet...

This post has 1 feedback awaiting moderation...

Leave a comment:

Your email address will not be displayed on this site.
Your URL will be displayed.

Allowed XHTML tags: <p, ul, ol, li, dl, dt, dd, address, blockquote, ins, del, span, bdo, br, em, strong, dfn, code, samp, kdb, var, cite, abbr, acronym, q, sub, sup, tt, i, b, big, small>
(Line breaks become <br />)
(Set cookies for name, email and url)
(Allow users to contact you through a message form (your email will NOT be displayed.))

Olivier Langlois's blog

I want you to find in this blog informations about C++ programming that I had a hard time to find in the first place on the web.

February 2012
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29      

Search

Custom Search

Categories

Olivier Langlois's blog

Archives

Misc

XML Feeds

What is RSS?

Who's Online?

  • Guest Users: 2

powered by
b2evolution