Liknande böcker
Exploiting Software
Bok av Greg Hoglund
Praise for Exploiting Software
Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner. This book will help the reader understand how to make software quality part of the designa key change from where we are today!
Tony Scott
Chief Technology Officer, IS&S
General Motors Corporation
Its about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play.
Bruce Schneier
Chief Technology Officer
Counterpane
Author of Beyond Fear and Secrets and Lies
Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the worm of the day phenomenon requires that someone other than the bad guys understands how software is attacked. This book is a wake-up call for computer security.
Elinor Mills Abreu
Reuters correspondent
Police investigators study how criminals think and act. Military strategists learn about the enemys tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the white hats understand how the black hats operate. Through extensive examples and attack patterns, this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (an...