The Software Vulnerability Guide
In today's market, secure software is a must for consumers. Many developers, however, are not familiar with the techniques needed to produce secure code or detect existing vulnerabilities. The Software Vulnerability Guide helps developers and testers better understand the underlying security flaws in software and provides an easy-to-use reference for security bugs. Most of these bugs (and the viruses, worms, and exploits that derive from them) start out as programmer mistakes. With this guide, professional programmers and testers will learn how to find, fix, and prevent these vulnerabilities before their software reaches the market. Detailed explanations and examples are provided for each of the vulnerabilities, as well as a summary sheet that can be referenced quickly. Tools that make it easier to recognize and prevent vulnerabilities are also explored, and source code snippets, commentary, and techniques are provided in easy-to-read sidebars. This guide is a must-have for today's software developers.

Review By: Cathy Bell
08/14/2006
In "The Software Vulnerability Guide," the authors illustrate how bugs enter into a computer system, how to test for vulnerabilities in a system, and how these vulnerabilities can be thwarted. Today's corporations and individual consumers are aware of how much security flaws can cost in terms of damages and tarnished reputations. These costs are a keen reminder to software producers that software needs to be deployed with security in mind.
The authors remind readers that building software to meet specifications is often not sufficient to prevent security defects. There can be a chasm between code that is secure and code that is correct.
Part one of the book defines commonly used terms, reviews the basics of computer security including legal issues surrounding security testing, and gives a simple explanation of TCP/IP networking including definitions for common network components. Also included is a review of available tools for finding security vulnerabilities. Parts two through six take an in-depth look at specific software vulnerabilities, explain how attacks exploit these vulnerabilities, and show how to find and fix these flaws. The authors conclude the book by giving insight into the future of security testing.
Readers are advised to keep up with current vulnerabilities and to strive to improve their knowledge of computer security through training, conferences, reading trade journals, and even looking into security certification. The CD-ROM included contains examples of code and projects, as well as links to tool vendors.
The authors refer to this book as “a field guide to security software vulnerabilities.” In today’s security-conscious society, it is no longer acceptable to release products with known security flaws that are easily cracked or hacked. As the authors point out, the mystique of the hacker is largely a fabrication of the media; the hackers do not want people to realize their expertise is limited to a small portion of code. The authors write, “To build and deploy systems, we must know the tools and techniques of our adversaries." And the authors strive to do just that--teach readers what a hacker will exploit, how he will exploit it, and what we can do to prevent flaws from surfacing in our code. It’s just like we've always heard: An ounce of prevention is worth a pound of cure. The book is easy to read and makes a good reference for both testers and developers.
Review By: Paul Nicholson
08/14/2006
"The Software Vulnerability Guide," written by Herbert H. Thompson and Scott G. Chase, offers a practical guide for developers to use when avoiding or correcting software security vulnerabilities. The book is equally useful for testers to detect these flaws. No security background is assumed, but by the end of each chapter readers will know enough to be able to take concrete action.
The book targets developers and testers who have minimal-to-intermediate experience in the field of software security. The book is divided into five parts, each providing a logical grouping of security attacks:
- System-level attacks--password vulnerabilities, permission problems, embedded script languages
- Data parsing--well known buffer overflows, format string attacks
- Information disclosure--passwords stored in plain text, temporary files
- "On the wire" attacks--spoofing and man-in-the-middle attacks, and volunteering too much information
- Issues affecting Web sites--parameter tampering, SQL injection attacks
Each chapter describes the attacks in detail. The authors are clearly knowledgeable about the subject matter, and the writing style is easy to follow. They present code exhibiting the attacks, generally broken into discrete blocks with accompanying explanations. They also provide sections on finding and fixing the vulnerabilities. Each chapter ends with a summary of the attacks and their potential impact, information on how to find them, and some of the more publicized examples of failures caused by these attacks. The summary sections would be good for sharing with management or for refreshing your memory.
To fully understand the more complicated attacks, you’ll want to compile the code provided on CD (for Windows users) and step through a debugger. But many attacks are simple enough and so clearly explained that a quick read will provide all that’s needed for a developer to start writing safer code or a tester to hunt for these vulnerabilities. For testers, an added bonus on the CD is a collection of common testing tools including protocol analyzers and password crackers.
It’s easy to skip around in the book. Read only the chapters relevant to your current work if you’re under a tight deadline, but do yourself a favor and read it all later, because almost everything is relevant to many applications.
Some may argue that the information provided here might fall into the wrong hands and be used for nefarious purposes. But these exploits and even tools to implement them are readily available to hackers today. For those of us unwilling to travel what the authors call "the back alleys of the information superhighway," this book provides a valuable service. Get yourself a copy, and catch your security vulnerabilities before someone else does.
Summary:
An included CD contains source code examples and useful testing tools.