Spotting the Sin Pattern

This sin usually occurs when:

  • An application uses a network

  • Designers overlook or underestimate network-level risks

For example, a common argument is, "we expect this port will only be available from behind a firewall." In practice, most network security incidents have some insider element to them, be it a disgruntled or bribed employee, a friend of an employee, a janitor, or a customer or vendor visiting the place of business. Plus, it's not uncommon to assume a firewall is present, only to have some deployments turn out differently. And how many people do you know who have had network connectivity issues, disabled their firewalls to troubleshoot, and then forgot to re-enable them once the issue was resolved? On a large network with many entry points, the notion of a protected internal network is obsolete. Large internal networks should be thought of as semi-public, semi-hostile environments.



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them