Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Coding Weasel nomad mobile research centre.

Published byHillary Henderson Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Coding Weasel nomad mobile research centre."— Presentation transcript:

1 Secure Coding Weasel nomad mobile research centre

2 Introduction

3 Vulnerabilities Overview Types of Vulnerabilities –General –Language Specific Best Practices –General –Language Specific Tools Conclusion Q & A Links Outline

4 Vulnerabilities

5 Types of Vulnerabilities Buffer Attacks –Buffer Overflow –Buffer Parsing Format String Attacks –%s in logging/debugging routines Race Conditions –World writeable temp files –Server/Client MITM Authentication Attacks Authorization Attacks –Holes in Authorization Mechanism –Too Much Trust of User Input Cryptography Attacks –Weak Algorithms –Poor Implementation

6 Best Practices

7 Best Practices - General Protect User Input –Restrict Input (and Output) to Acceptable Characters –Restrict and Flush the Buffer Properly Use Well-Tested Code –Especially for Parsing Code Reviews –By !You –Prioritize and Schedule Policies and Guidelines –Comprehensive Guidelines w/ Sign-off –Enforce the Policy Set PATH Environment Variable

8 Best Practices – General (cont.) Set Permissions to Minimal Required (Least Privilege Principle) Don’t Use Copy Functions that Do Not Check the Buffer Length Don’t Offload Security to the Client Centralize I/O Check Functions Validate/Be Aware Environment Variables (i.e. an altered IFS to change command line switches, or multiple entries for the same var) Robust Error Handling(Fail Safe)

9 Best Practices - C Use Protected Sting Functions –strncpy() > strcpy() –strncat() > strcat() –snprintf() > sprintf() –fgets() > gets() Use exec() instead of system() –$buffer = “/bin/ls; /bin/cp /etc/shadow ~/shadow” –system($buffer); # /bin/ls # /bin/cp /etc/shadow ~/shadow –exec($buffer); # /bin/passwd

10 Best Practices – Web Strip/Deny Unwanted User Input –Meta Characters –Value Assignments Check Buffer Length Upon Input/Output/Copy Parse with Well-Known Libraries –i.e. CGI.pm for Perl Don’t Store Access Information in Accessible Sources –You never know when MOD_PHP is going to dump your source

11 Tools Credit to John Marchesini

12 Tools – Black Box Testing –Passive Monitoring Wired Sniffing – Ethereal, tcpdump, Sniffer Pro (Ettercap for switched) Wireless Sniffing – Kismet, Airsnort, etc IDS/IPS (very limited use) –Active Attacks Local Attacks – QA Applications, Macro Tools Remote Attacks – Netcat, telnet

13 Tools – Component Testing – Library and API Calls, Persistant State strace, ltrace (*nix) Sysinternals.com (several Windows Tools) System Tools – top, ps, etc… –Runtime Injection BEAST –Reverse Engineering Disassemblers/Debuggers –SoftICE, DataRescue’s IDA Pro, OllyDbg

14 Tools – Source Code Review RATS, Flawfinder, ITS4, Klocwork (Static) CodeAssure Suite(both Static and Binary) NOTE: As with many security tools, or tools in general, these tools provide output for analysis, they do not replace a skilled reviewer.

15 Conclusion

16 Q & A

17 Links Secure Programming for Linux and UNIX HOWTO – Creating Secure Software http://www.dwheeler.com/secure-programs Secure UNIX Programming FAQ http://www.whitefang.com/sup NCSA Secure Programming Guidelines http://archive.ncsa.uiuc.edu/Grid/ACES/security/programming How to Write Secure Code http://www.shmoo.com/securecode SECPROG http://www.securityfocus.com/frames/?content=/forums/secprog/intro.html INFOCUS – Secure Coding – David Wong http://www.securityfocus.com/infocus/1596

18 Links - Tools SPIKE http://www.resources-freesoftware.shtml BEAST http://www.sisecure.com/company/ourtechnology/beast.shtml ltrace http://freshmeat.net/projects/ltrace Ethereal http://www.ethereal.com Netcat http://netcat.sourceforge.net IDA Pro http://www.datarescue.com Flawfinder http://www.dwheeler.com/flawfinder

19 Links – Tools (Cont.) ITS4 http://www.citigal.com/its4/ Kismet http://www.kismetwireless.net/ Klocwork http://www.klocwork.com/products/inspect.asp OllyDbg http://home.t-online.de/home/Ollydbg Ettercap http://ettercap.sourceforge.net RATS http://www.securesoftware.com SoftICE www.compuware.com/products/driverstudio/softice.html

Download ppt "Secure Coding Weasel nomad mobile research centre."

Similar presentations

Operating System Security

Operating System Security
Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.

Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
UNIX Chapter 01 Overview of Operating Systems Mr. Mohammad A. Smirat.

UNIX Chapter 01 Overview of Operating Systems Mr. Mohammad A. Smirat.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Software and Software Vulnerabilities. Synopsis Array overflows Stack overflows String problems Pointer clobbering. Dynamic memory management Integer.

Software and Software Vulnerabilities. Synopsis Array overflows Stack overflows String problems Pointer clobbering. Dynamic memory management Integer.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Flawfinder N ă stase George-Daniel MSI2. About Written in python Relatively fast(examined approx. 17milion lines of code in about 6.5minutes) Extremely.

Flawfinder N ă stase George-Daniel MSI2. About Written in python Relatively fast(examined approx. 17milion lines of code in about 6.5minutes) Extremely.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research

1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
Efficient Instruction Set Randomization Using Software Dynamic Translation Michael Crane Wei Hu.

Efficient Instruction Set Randomization Using Software Dynamic Translation Michael Crane Wei Hu.
Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department

Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
OWASP Mobile Top 10 Why They Matter and What We Can Do

OWASP Mobile Top 10 Why They Matter and What We Can Do
CS252: Systems Programming Ninghui Li Final Exam Review.

CS252: Systems Programming Ninghui Li Final Exam Review.
Secure Software Development Mini Zeng University of Alabama in Huntsville 1.

Secure Software Development Mini Zeng University of Alabama in Huntsville 1.

Similar presentations

Ads by Google