Picture 1 of 1
Picture 1 of 1
How to Break Software Security by James A. Whittaker and Herbert Thompson
US $29.98
Condition:
Shipping:
Located in: South Ozone Park, New York, United States
Delivery:
Estimated between Thu, Jun 6 and Mon, Jun 10 to 43230
Returns:
Payments:
Special financing available. See terms and apply now- for PayPal Credit, opens in a new window or tab
Earn up to 5x points when you use your eBay Mastercard®. Learn moreabout earning points with eBay Mastercard
Shop with confidence
Seller assumes all responsibility for this listing.
eBay item number:184241599672
Item specifics
- Condition
- Publisher
- Addison-Wesley Longman, Incorporated
- Edition Number
- 2
- Illustrated
- Yes
- ISBN
- 9780321194336
- Publication Year
- 2003
- Type
- Textbook
- Format
- Trade Paperback
- Language
- English
- Publication Name
- How to Break Software Security
- Item Height
- 0.4in
- Item Length
- 9.1in
- Item Width
- 7in
- Item Weight
- 13 Oz
- Number of Pages
- 208 Pages
About this product
Product Information
How to Break Software Security describes the general problem of software security in a practical perspective from a software tester's point of view. It defines prescriptive techniques (attacks that testers can use on their own software) that are designed to ferret out security vulnerabilities in software applications. The book's style is easy to read and provides readers with the techniques and advice to hunt down security bugs and see that they're destroyed before the software is released. Accompanying the book is a CD-ROM containing Holodeck, which tests for security vulnerabilities. There are also a number of bug-finding tools, freeware, and an easy-to-use port scanner included on the CD-ROM.
Product Identifiers
Publisher
Addison-Wesley Longman, Incorporated
ISBN-10
0321194330
ISBN-13
9780321194336
eBay Product ID (ePID)
2365782
Product Key Features
Publication Name
How to Break Software Security
Format
Trade Paperback
Language
English
Publication Year
2003
Type
Textbook
Number of Pages
208 Pages
Dimensions
Item Length
9.1in
Item Height
0.4in
Item Width
7in
Item Weight
13 Oz
Additional Product Features
Lc Classification Number
Qa76.9.A25w48 2003
Table of Content
(Chapters 1-6 conclude with a "Conclusion," "Exercises," and "References." Chapter 7 concludes with a "Conclusion" and "References" and the Appendices conclude with only "References.") Preface. Dedication. Chapter Summaries. I. INTRODUCTION. 1. A Fault Model for Software Security Testing. Why Security Testing is Different. A Fault Model for Security Vulnerabilities. Security Concerns and the How to Break Software Fault Model. Creating an Attack Plan. A Note on Format. II. CREATING UNANTICIPATED USER INPUT SCENARIOS. 2. Attacking Software Dependencies. First Attack: Block access to libraries. Second Attack: Manipulate the application's registry values. Third Attack: Force the application to use corrupt files. Fourth Attack: Manipulate and replace files that the application creates, reads from, writes to or executes. Fifth Attack: Force the application to operate in low memory, disk space and network availability conditions. Summary: A Checklist for Battle. 3. Breaking Security through the User Interface. First Attack: Overflow input buffers. Second Attack: Examine all common switches and options. Third Attack: Explore escape characters, character sets and commands. Summary: A Checklist for Battle. III. DESIGN AND IMPLEMENTATION ATTACKS. 4. Attacking Design. First Attack: Try common default and test account names and passwords. Second Attack: Use Holodeck to expose unprotected test APIs. Third Attack: Connect to all ports. Fourth Attack: Fake the source of data. Fifth Attack: Create loop conditions in any application that interprets script, code or other user supplied logic. Sixth Attack: Use alternate routes to accomplish the same task. Seventh Attack: Force the system to reset values. Summary: A Checklist for Battle. 5. Attacking Implementation. First Attack: Get between time of check and time of use. Second Attack: Create files with the same name as files protected with a higher classification. Third Attack: Force all error messages. Fourth Attack: Use Holodeck to look for temporary files and screen their contents for sensitive information. Summary: A Checklist for Battle. IV. APPLYING THE ATTACKS. 6. Putting it All Together. Pre-Attack Preparations. Opponent#1: Microsoft Windows Media Player 9.0 (Windows). Opponent#2: Mozilla 1.2.1 (Windows). Opponent#3: OpenOffice.org 1.0.2 (Linux). V. CONCLUSION. 7. Some Parting Advice. How Secure is Secure? Mining Gold from Bug Databases. Final Words of Wisdom. APPENDICES. Glossary of Coding, Testing, and Software Security Terms. Appendix A. Using the Tools on the Accompanying CD. Surveying the Tools. Holodeck. Port Scanner. Appendix B. Software's Invisible Users. Where Errors Slip In. The Human User. The Operating System User. The API User. The File System User. Index.
Copyright Date
2004
Target Audience
College Audience
Topic
Software Development & Engineering / General, Security / General
Lccn
2003-048202
Dewey Decimal
005.8
Dewey Edition
21
Genre
Computers
Item description from the seller
Seller assumes all responsibility for this listing.
eBay item number:184241599672
Shipping and handling
Item location:
South Ozone Park, New York, United States
Ships to:
Albania, Andorra, Anguilla, Antigua and Barbuda, Argentina, Aruba, Australia, Austria, Bahamas, Bahrain, Belgium, Belize, Bermuda, Bhutan, Bolivia, Bosnia and Herzegovina, Brunei Darussalam, Bulgaria, Cambodia, Canada, Cayman Islands, Chile, Colombia, Costa Rica, Cyprus, Czech Republic, Denmark, Dominican Republic, Ecuador, El Salvador, Estonia, Fiji, Finland, France, Germany, Gibraltar, Greece, Greenland, Grenada, Guatemala, Guyana, Haiti, Honduras, Hong Kong, Hungary, Iceland, Indonesia, Ireland, Israel, Jamaica, Japan, Jordan, Kiribati, Kuwait, Laos, Latvia, Lebanon, Liechtenstein, Lithuania, Luxembourg, Macau, Macedonia, Malaysia, Maldives, Monaco, Montenegro, Montserrat, Nauru, Netherlands, New Zealand, Nicaragua, Norway, Oman, Panama, Papua New Guinea, Peru, Philippines, Poland, Portugal, Qatar, Republic of Croatia, Romania, Saint Kitts-Nevis, Saint Lucia, Saint Vincent and the Grenadines, San Marino, Saudi Arabia, Serbia, Singapore, Slovakia, Slovenia, Solomon Islands, South Korea, Spain, Suriname, Sweden, Switzerland, Taiwan, Thailand, Tonga, Trinidad and Tobago, Turkey, Turks and Caicos Islands, United Arab Emirates, United Kingdom, Vanuatu, Vatican City State, Vietnam, Wallis and Futuna, Western Samoa, Worldwide
Excludes:
Afghanistan, Africa, Armenia, Azerbaijan Republic, Bangladesh, Barbados, Brazil, China, French Guiana, French Polynesia, Georgia, Guadeloupe, India, Iraq, Italy, Kazakhstan, Kyrgyzstan, Libya, Malta, Martinique, Mexico, Moldova, Mongolia, Nepal, New Caledonia, Pakistan, Paraguay, Reunion, Russian Federation, Sri Lanka, Tajikistan, Turkmenistan, Ukraine, Uruguay, Uzbekistan, Venezuela, Yemen
Shipping and handling | To | Service | Delivery*See Delivery notes |
---|---|---|---|
Free shipping | United States | Economy Shipping (USPS Media MailTM) | Estimated between Thu, Jun 6 and Mon, Jun 10 to 43230 |
US $8.50 | United States | Expedited Shipping (USPS Priority Mail®) | Estimated between Thu, Jun 6 and Sat, Jun 8 to 43230 |
US $34.99 | United States | Expedited Shipping (USPS Priority Mail Express®) | Estimated between Wed, Jun 5 and Thu, Jun 6 to 43230 |
Handling time |
---|
Will usually ship within 1 business day of receiving cleared payment. |
Taxes |
---|
Taxes may be applicable at checkout. Learn moreLearn more about paying tax on eBay purchases. |
Return policy
Return policy details |
---|
Seller does not accept returns |
Refer to eBay Return policyopens in a new tab or window for more details. You are covered by the eBay Money Back Guaranteeopens in a new tab or window if you receive an item that is not as described in the listing.
Payment details
Payment methods
Seller feedback (81)
m***r (32)- Feedback left by buyer.
Past 6 months
Verified purchase
Arrived on time, in perfect condition!
s***_ (199)- Feedback left by buyer.
Past year
Verified purchase
A+ Seller. Item exactly as described. Item packaged very well. Fast Shipping. Highly recommended.
n***d (1335)- Feedback left by buyer.
More than a year ago
Verified purchase
The perfect seller! Fast email and shipment; HIGHLY RECOMMENDED!!!!!!!!!!!!!!!!
Product ratings and reviews
More to explore :
- James Howe Fiction Paperbacks Books,
- Fiction Books & James Howe Fiction,
- Fiction Books & James Howe Fiction in English,
- James Howe Hardcover Illustrated Fiction Books,
- James Howe It Fiction Fiction & Nonfiction Books,
- Fiction Books & Frank Herbert Fiction,
- Nonfiction Books Fiction & Frank Herbert,
- Fiction Books & Brian Herbert Fiction,
- Frank Herbert Fiction & Signed Fiction Books,
- Frank Herbert Hardcover Illustrated Fiction Books