37,15 €*
Versandkostenfrei per Post / DHL
auf Lager, Lieferzeit 1-2 Werktage
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system--with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs--assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running--and how to better protect them.
* Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
*
Learn how to write customized tools to protect your systems, not just how to use ready-made ones
*
Use a working exploit to verify your assessment when auditing a network
*
Use proof-of-concept exploits to rate the significance of bugs in software you're developing
*
Assess the quality of purchased security products by performing penetration tests based on the information in this book
*
Understand how bugs are found and how exploits work at the lowest level
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system--with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs--assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running--and how to better protect them.
* Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
*
Learn how to write customized tools to protect your systems, not just how to use ready-made ones
*
Use a working exploit to verify your assessment when auditing a network
*
Use proof-of-concept exploits to rate the significance of bugs in software you're developing
*
Assess the quality of purchased security products by performing penetration tests based on the information in this book
*
Understand how bugs are found and how exploits work at the lowest level
John Heasman is the Director of Research at NGSSoftware. He is a prolific security researcher and has published many security advisories in enterprise level software. He has a particular interest in rootkits and has authored papers on malware persistence via device firmware and the BIOS. He is also a co-author of The Database Hacker's Handbook: Defending Database Servers (Wiley 2005).
Felix "FX" Linder leads SABRE Labs GmbH, a Berlin-based professional consulting company specializing in security analysis, system design creation, and verification work. Felix looks back at 18 years of programming and over a decade of computer security consulting for enterprise, carrier, and software vendor clients. This experience allows him to rapidly dive into complex systems and evaluate them from a security and robustness point of view, even in atypical scenarios and on arcane platforms. In his spare time, FX works with his friends from the Phenoelit hacking group on different topics, which have included Cisco IOS, SAP, HP printers, and RIM BlackBerry in the past.
Gerardo Richarte has been doing reverse engineering and exploit development for more than 15 years non-stop. In the past 10 years he helped build the technical arm of Core Security Technologies, where he works today. His current duties include developing exploits for Core IMPACT, researching new exploitation techniques and other low-level subjects, helping other exploit writers when things get hairy, and teaching internal and external classes on assembly and exploit writing. As result of his research and as a humble thank you to the community, he has published some technical papers and open source projects, presented in a few conferences, and released part of his training material. He really enjoys solving tough problems and reverse engineering any piece of code that falls in his reach just for the fun of doing it.
2. Stack Overflows.
3. Shellcode.
4. Introduction to Format String Bugs.
5. Introduction to Heap Overflows.
6. The Wild World of Windows.
7. Windows Shellcode.
8. Windows Overflows.
9. Overcoming Filters.
10. Introduction to Solaris Exploitation.
11. Advanced Solaris Exploitation.
12. OS X Shellcode.
13. Cisco IOS Exploitation.
14. Protection Mechnisms.
15. Establishing a Working Environment.
16. Fault Injection.
17. The Art of Fuzzing.
18. Source Code Auditing: Finding Vulnerabilities in C-Based Languages.
19. Instrumented Investigation: A Manual Approach.
20. Tracing For Vulnerabilities.
21. Binary Auditing: Hacking Closed Source Software.
22. Alternative Payload Strategies.
23. Writing Exploits that Work in the Wild.
24. Attacking Database Software.
25. Unix Kernel Overflows.
26. Exploiting Unix Kernel Vulnerabilities.
27. Hacking the Windows Kernel.
| Erscheinungsjahr: | 2007 |
|---|---|
| Genre: | Informatik |
| Rubrik: | Naturwissenschaften & Technik |
| Medium: | Taschenbuch |
| Seiten: | 752 |
| Inhalt: | 752 S. |
| ISBN-13: | 9780470080238 |
| ISBN-10: | 047008023X |
| Sprache: | Englisch |
| Herstellernummer: | 14508023000 |
| Einband: | Kartoniert / Broschiert |
| Autor: |
Anley, Chris
Lindner, Felix Richarte, Gerardo Heasman, John |
| Hersteller: |
John Wiley & Sons
John Wiley & Sons Inc |
| Maße: | 239 x 194 x 46 mm |
| Von/Mit: | Chris Anley (u. a.) |
| Erscheinungsdatum: | 10.08.2007 |
| Gewicht: | 1,226 kg |
John Heasman is the Director of Research at NGSSoftware. He is a prolific security researcher and has published many security advisories in enterprise level software. He has a particular interest in rootkits and has authored papers on malware persistence via device firmware and the BIOS. He is also a co-author of The Database Hacker's Handbook: Defending Database Servers (Wiley 2005).
Felix "FX" Linder leads SABRE Labs GmbH, a Berlin-based professional consulting company specializing in security analysis, system design creation, and verification work. Felix looks back at 18 years of programming and over a decade of computer security consulting for enterprise, carrier, and software vendor clients. This experience allows him to rapidly dive into complex systems and evaluate them from a security and robustness point of view, even in atypical scenarios and on arcane platforms. In his spare time, FX works with his friends from the Phenoelit hacking group on different topics, which have included Cisco IOS, SAP, HP printers, and RIM BlackBerry in the past.
Gerardo Richarte has been doing reverse engineering and exploit development for more than 15 years non-stop. In the past 10 years he helped build the technical arm of Core Security Technologies, where he works today. His current duties include developing exploits for Core IMPACT, researching new exploitation techniques and other low-level subjects, helping other exploit writers when things get hairy, and teaching internal and external classes on assembly and exploit writing. As result of his research and as a humble thank you to the community, he has published some technical papers and open source projects, presented in a few conferences, and released part of his training material. He really enjoys solving tough problems and reverse engineering any piece of code that falls in his reach just for the fun of doing it.
2. Stack Overflows.
3. Shellcode.
4. Introduction to Format String Bugs.
5. Introduction to Heap Overflows.
6. The Wild World of Windows.
7. Windows Shellcode.
8. Windows Overflows.
9. Overcoming Filters.
10. Introduction to Solaris Exploitation.
11. Advanced Solaris Exploitation.
12. OS X Shellcode.
13. Cisco IOS Exploitation.
14. Protection Mechnisms.
15. Establishing a Working Environment.
16. Fault Injection.
17. The Art of Fuzzing.
18. Source Code Auditing: Finding Vulnerabilities in C-Based Languages.
19. Instrumented Investigation: A Manual Approach.
20. Tracing For Vulnerabilities.
21. Binary Auditing: Hacking Closed Source Software.
22. Alternative Payload Strategies.
23. Writing Exploits that Work in the Wild.
24. Attacking Database Software.
25. Unix Kernel Overflows.
26. Exploiting Unix Kernel Vulnerabilities.
27. Hacking the Windows Kernel.
| Erscheinungsjahr: | 2007 |
|---|---|
| Genre: | Informatik |
| Rubrik: | Naturwissenschaften & Technik |
| Medium: | Taschenbuch |
| Seiten: | 752 |
| Inhalt: | 752 S. |
| ISBN-13: | 9780470080238 |
| ISBN-10: | 047008023X |
| Sprache: | Englisch |
| Herstellernummer: | 14508023000 |
| Einband: | Kartoniert / Broschiert |
| Autor: |
Anley, Chris
Lindner, Felix Richarte, Gerardo Heasman, John |
| Hersteller: |
John Wiley & Sons
John Wiley & Sons Inc |
| Maße: | 239 x 194 x 46 mm |
| Von/Mit: | Chris Anley (u. a.) |
| Erscheinungsdatum: | 10.08.2007 |
| Gewicht: | 1,226 kg |
Ähnliche Produkte
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Werktage
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Wochen
Aktuell nicht verfügbar
Lieferzeit 1-2 Werktage
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Wochen
