SACL (system audit access check), enabling, 105
/SafeSEH, 3, 11
    browser defenses, 133
    buffer overrun protection, 67–72
SAL annotation, 3
    buffers, 3–4
    bug prevention, 2
    C/C++ string buffers, 2, 3–8
    example of, 4–5
    in existing code, 7–8
    macros, 5–7
    syntaxes, 3
Salazar, Abby, persona, 17
Salazar, Toby, persona, 17
sal.h header file, 8
salts, and PIN protection, 154
Saltzer, Jerome H., 110
SAML (Security Assertion Markup Language), 156
SCdEnrl, 148
Schroeder, Michael D., 119
screen-scraper attacks, 158
script URLs, Internet Explorer 7, 132
scripting languages, 121
SDDL. See Security Descriptor Definition Language (SDDL)
secure socket extensions, 83–85
Secure Sockets Layer and Transport Layer Security (SSL/TLS). See SSL/TLS (Secure Sockets Layer and Transport Security Layer)
Security Assertion Markup Language (SAML), 156
security bugs. See also bugs
    browser-related, 121–122
    buffer-related, 2
    symlink-related, 45
security defenses, 163. See also specific defenses
Security Descriptor Definition Language (SDDL), 37–38
    integrity masks, 40
    owner SIDs, 160–161
    SIDs, 102
Security Development Lifecycle (SDL), 3, 8
Security Development Lifecycle, The (Howard and Lipner), 1
security event log, 163, 171–172
security ID (SID). See SIDs (security IDs)
security log, generating entries, 104
security models (integrity models), 40
security quality gate, 3
    buffers and, 4
security quality requirements, 3–11
Security Support Provider Interface (SSPI), 84, 117
security token service (STS), 152
SendMessage, 24
Serpent encryption, 137, 138
server authentication, and phishing, 153
service accounts, 99–102
Service Configuration Manager (SCM) access configuration, 43
service control manager (SCM), 98
service principal name (SPN), 84
service providers, and Information Card, 152
service SIDs, 100–102
ServiceMain function, 98
ServiceRestricted, 108
services
    desktop communication, 110–117
    lessons, 117–118
    network access control, 107–110
    overview, 97–99
    privilege reduction, 102–107
    service accounts, 99–102
SeTakeOwnership, 161
/setintegritylevel argument, 38
SetMIC tool, and low-integrity testing, 37
SetSecurityDescriptorDacl, 118
SetServiceStatus, 98
SetSystemFileCacheSize, 107
SetThreadToken, 17
SetTokenInformation, failure of, 37
SHA-1, 136
SHA-2, 139
SHA512, 9
shared memory, 112
shatter attacks, 24, 110
shell codes, ease of obtaining, 61
ShellExecute function, 24–25
SHGetKnownFolderPath, 124
shield icon, 27
shims, no virtualization, 31
Shipworm, 78
SHLoadIndirectString, 90
SideBar, Windows, 181
SIDs (security IDs), 15, 17
    deny, 19–20
    integrity, 24
    low-integrity, creating, 35–36
    owner, and authentication/authorization, 159–161
    and service accounts, 100–102
    textual, creation of, 165
sign-in abandonment (drop-offs), reducing, 152
signing
    Authenticode, 44
    code, 44, 169
    documents, 9
    Information Card, 151
“Signing and Checking Code with Authenticode” (MSDN), 44
Simonyi, Charles, 8
simple message boxes, 112
SiteLock, 131
size_t argument, 6
Skape (aka Matt Miller), 60
Skywing (aka Ken Johnson), 60
smartcards, 152
sockets, 116–117
software, defects in, 49–50
sound files, 121
source buffers, 8
source strings, constant, 8
sources and sinks, 117
spoofing attacks, 158, 171
SpyNet, 169
spyware protection, 167–168
SSL2, 132–133
SSL3, 132–133
SSL/TLS (Secure Sockets Layer and Transport Security Layer), 135, 137, 144–145
    CardSpace connection, 155
    phishing attacks, 153, 155
    revocation checking and OCSP, 145–147
    Security Support Provider, 144
    server authentication, 153
stack buffers, and stack protection, 50
stack diagram, sample, 66
stack randomization, 51, 54–55
Standard Annotation Language (SAL). See SAL annotation
standard user accounts, 13–14, 15
Standard User Analyzer tool, 42–44, 46
StartService, 118
static analysis, 3
strcat function, 11
strcpy function, 11, 173
string buffers, and SAL annotation, 3–8
string constants, 137
structured exception handlers (SEH), 67
“Structured Exception Handling” (MSDN), 67
Suite B requirements, 135, 137, 139, 144, 148
Sun Solaris operating system, and NX, 60
SvcName, 109
symbolic links (symlinks), 45
symlinks, 45
symmetric NATs, 80
syntax, SAL, 3
SysAllocString, 109
SysFreeString, 109
system ACL (SACL), and integrity level setting, 37
system audit access check (SACL), enabling, 105
system environment, manipulating, 105
system time, modifying, 45, 106
system-wide object warnings, 43
System.IdentityModel namespace, 157
System.InvalidOperationException, 143