Writing Secure Code, Second Edition
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 153
Pages: 153
Authors: Michael Howard, David LeBlanc
- Cover
- LOC Page
- Dedication
- Foreword
- Acknowledgments
- Introduction
- Who Should Read This Book
- Organization of This Book
- About the Companion CD
- System Requirements
- Disclaimer
- The Need for Secure Systems
- Applications on the Wild Wild Web
- Getting Everyone s Head in the Game
- Some Ideas for Instilling a Security Culture
- Designing Secure Systems
- Two Common Security Mistakes
- Security Principles to Live By
- Security Design by Threat Modeling
- Security Techniques
- Back to the Example Payroll Application
- A Cornucopia of Threats and Solutions
- Public Enemy 1: The Buffer Overrun
- Static Buffer Overruns
- Heap Overruns
- Array Indexing Errors
- Format String Bugs
- Unicode and ANSI Buffer Size Mismatches
- Preventing Buffer Overruns
- Good News on the Horizon
- Determining Good Access Control
- Why ACLs Are Important
- What Makes Up an ACL?
- A Method of Choosing Good ACLs
- Creating ACLs
- NULL DACLs and Other Dangerous ACE Types
- Other Access Control Mechanisms
- Running with Least Privilege
- Least Privilege in the Real World
- Brief Overview of Access Control
- Brief Overview of Privileges
- Brief Overview of Tokens
- How Tokens, Privileges, SIDs, ACLs, and Processes Relate
- A Process for Determining Appropriate Privilege
- Low-Privilege Service Accounts in Windows XP and Windows .NET Server
- Debugging Least-Privilege Issues
- Cryptographic Foibles
- Using Poor Random Numbers
- Using Passwords to Derive Cryptographic Keys
- Poor Key Management
- Rolling Your Own Cryptographic Functions
- Using the Same Stream-Cipher Encryption Key
- Bit-Flipping Attacks Against Stream Ciphers
- Reusing a Buffer for Plaintext and Ciphertext
- Storing Secrets
- Attack Methods
- Sometimes You Don t Need to Store a Secret
- Getting the Secret from the User
- Storing Secrets in Windows 2000 and Windows XP
- Storing Secrets in Windows NT 4
- Storing Secrets in Windows 95, Windows 98, Windows Me, and Windows CE
- Raising the Security Bar
- An Idea: Using External Devices to Encrypt Secret Data
- Canonical Representation Issues
- What Does Canonical Mean, and Why Is It a Problem?
- A Bit of History
- Common Windows Canonicalization Mistakes
- Preventing Canonicalization Mistakes
- A Final Thought: Non-File-Based Canonicalization Issues
- Socket Security
- Avoiding Server Hijacking
- Choosing Server Interfaces
- Accepting Connections
- Writing Firewall-Friendly Applications
- Spoofing and Host-Based and Port-Based Trust
- Securing RPC, ActiveX Controls, and DCOM
- An RPC Primer
- Secure RPC Best Practices
- Secure DCOM Best Practices
- An ActiveX Primer
- Secure ActiveX Best Practices
- Protecting Against Denial of Service Attacks
- Application Failure Attacks
- CPU Starvation Attacks
- Memory Starvation Attacks
- Resource Starvation Attacks
- Network Bandwidth Attacks
- Securing Web-Based Services
- Never Trust User Input
- Web-Specific Canonicalization Bugs
- Other Web-Based Security Topics
- Writing Secure .NET Code
- Buffer Overruns and the Common Language Runtime
- Storing Secrets in .NET
- Always Demand Appropriate Permissions
- Overzealous Use of Assert
- Further Information Regarding Demand and Assert
- Don t Be Afraid to Refuse Permissions
- Validate Data from Untrusted Sources
- Be Thread-Aware in ASP.NET
- Disable Tracing and Debugging Before Deploying ASP.NET Applications
- Generating Good Random Numbers by Using the .NET Framework
- Deserializing Data from Untrusted Sources
- Don t Tell the Attacker Too Much When You Fail
- SOAP Ponderings
- Some Final Thoughts
- Testing Secure Applications
- The Role of the Security Tester
- Security Testing Is Different
- Getting Started
- Building the Security Test Plan
- Testing Clients with Rogue Servers
- Should a User See or Modify That Data?
- Testing with Security Templates
- Test Code Should Be of Great Quality
- Test the End-to-End Solution
- Slightly Off-Topic: Code Reviews
- Secure Software Installation
- Principle of Least Privilege
- Using the Security Configuration Editor
- Low-Level Security APIs
- General Good Practices
- Protecting Customer Privacy
- Don t Tell the Attacker Anything
- Double-Check Your Error Paths
- Keep It Turned Off
- Kernel-Mode Mistakes
- Consider Adding Security Comments to Code
- Leverage the Operating System
- Don t Rely on Users Making Good Decisions
- Calling CreateProcess Securely
- Don t Create SharedWritable Segments
- Using Impersonation Functions Correctly
- Don t Write User Files to Program Files
- Don t Write User Data to HKLM
- Don t Open Objects for FULL_CONTROL or ALL_ACCESS
- Object Creation Mistakes
- Creating Temporary Files Securely
- Client-Side Security Is an Oxymoron
- Samples Are Templates
- Dogfood Your Stuff
- You Owe It to Your Users If...
- Determining Access Based on an Administrator SID
- Allow Long Passwords
- Appendix A
- Appendix B
- Appendix C
- Appendix D
- A Final Thought
- Annotated Bibliography
- Michael Howard
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 153
Pages: 153
Authors: Michael Howard, David LeBlanc