A disturbing, subversive book. And I mean this in a positive sense. Hoglund and McGraw explain the major ways in which software can be attacked. They describe how reverse engineering can be done, even if all you have is binary code to work on. Given a disassembler and a decompiler, and these exist for all the major platforms, you can systematically apply white box, black box and grey box analysis to deconstruct a program.

They show how attacks can be done against servers, because nowadays on the net, servers are often tempting, fat targets. But from your standpoint, if you wish to defend against these attacks, you really need to be aware of the issues they raise. 'Know the enemy'. Plus, they also show how a server could attack, or be used to attack, unsuspecting clients that connect to it.

Of course, buffer overflows are the most commonly known source of attacks. Thus an entire chapter is devoted to this.

PHP users may not be thrilled to hear that it is fundamentally insecure. Its ease of learning and coding comes with this heavy price. Still, it is all the more reason that PHP users, and sysadmins running web servers that use PHP, should be aware of the dangers in it.

The book is not a trivial read. The authors give detailed examples at the level of the x86 assembler. A strong background in this and in C/C++ will give you the greatest benefit when studying the book.
Table of Contents

* Attack Patterns
* Foreword
* Preface
* Acknowledgments
* 1. Software - The Root of the Problem
* 2. Attack Patterns
* 3. Reverse Engineering and Program Understanding
* 4. Exploiting Server Software
* 5. Exploiting Client Software
* 6. Crafting (Malicious) Input
* 7. Buffer Overflow
* 8. Rootkits
* References
* Index
Product Details
* ISBN: 0201786958
* ISBN-13: 9780201786958
* Format: Paperback, 470pp
* Publisher: Addison-Wesley