Avoiding the CWE/SANS Top 25 Most Dangerous Programming Errors
Links from the class materials and other supplemental information, grouped by chapter:
Chapter 1: Introduction
Chapter 2: Secure Software Engineering
Links from the text:
Chapter 3: Security and the software development life cycle
Links from the text:
- NIST SP 800-64
- FIPS 199: Standards for Security Categorization of Federal Information and Information Systems
- Secure Software Development Life Cycle Processes by Noopur Davis
- The emperor's old clothes by Charles Antony Richard Hoare
- Misuse and Abuse Cases: Getting Past the Positive by Paco Hope and Gary McGraw
- WEP insecurity
- The TI transponder cracking
- Info about the TCP design issues and security
- "The Code Red Worm" by Hal Berghel, Communications of the ACM, vol. 44, no. 12, December 2001
- CERT Vulnerability Note VU#684820
- Lecture notes for Introduction to Security, Fall '05, by Steve Bellovin
- CERT Secure Coding Standards
- Validating C and C++ for Safety and Security: A structured approach to manual code review
- Nimda information from "All public hospitals in Gothenburg Sweden crippled by Nimda" by Peter Hakanson, Forum on Risks to the Public in Computers and Related Systems, ACM Committee on Computers and Public Policy, vol. 21, no. 67, October 2001
- Morris worm information
- Inside the Slammer worm by Moore et al.
- Misplaced Trust: Kerberos 4 Session Keys in Proceedings of the 1997 Symposium on Network and Distributed System Security
- CERT Vulnerability Note VU#623217
- "A Trend Analysis of Exploitations" by Hilary K. Browne, John McHugh, William A. Arbaugh, and William L. Fithen, University of Maryland CS department technical report CS-TR-4200 and UMIACS-TR-2000-76
- "Windows of Vulnerability: A Case Study Analysis" by William A. Arbaugh, William L. Fithen, and John McHugh, IEEE Computer, vol. 33, no. 12, pp. 52-59
Chapter 4: Input validation
Links from the text:
Additional links, not from the course text, or, software needed for the chapter:
FCserver.class
FCserver.java Java version
FCserver.cpp C++ version
Chapter 5: Avoiding SQL injection
Links from the text:
Additional links, not from the course text, or, software needed for the chapter:
bblookup.java Java program for lab
postgresql-8.3-605.jdbc4.jar (Java) This class archive might be needed to use the database.
bblookup.cpp C++ program for lab using libpg
To compile:
c++ -lpq -o bblookup bblookup.cpp
bblookup-libpqxx.cpp C++ program for lab using libpqxx
To compile:
c++ -lpq -lpqxx -o bblookup-libpqxx bblookup-libpqxx.cpp
Chapter 6: Avoiding OS command injection
Links from the text:
Additional links, not from the course text, or, software needed for the chapter:
c++cmdinject.c
cmdinject.java
Chapter 7: Producing clean output
Links from the text:
Additional links, not from the course text, or, software needed for the chapter:
logbox.jar Run with:
java -jar logbox.jar
or, in some cases, just by double-clicking on it.
logbox.zip Source for logbox (from Eclipse).
syslogger.cpp Compile by:
g++ -o syslogger syslogger.cpp
Chapter 8: Cross-site scripting
Links from the text:
Chapter 9: Cross-site request forgery (CSRF)
Links from the text:
Chapter 10: Logging and error messages
Links from the text:
Chapter 11: Cryptography Fundamentals
Links from the text:
Chapter 12: Using cryptography to enhance security
Links from the text:
- OWASP's Guide to Cryptography
- NIST Special Publications (800 Series)
- FIPS Home Page
- The TI RFID transponder cracking
- WEP insecurity
- Halderman et al., "Lest We Remember: Cold Boot Attacks on Encryption Keys"
- HP JetDirect password vulnerability
- AccessData
- CERT Advisory CA-1993-15
- Word 98 Insecurity
- Microsoft Security Bulletin (MS98-005) Unwanted Data Issue with Office 98 for the Macintosh
- Microsoft Office Security, part two by Khushbu Jithra
- Guidelines for Extended Validation Certificates
- Security certificate warnings don't work, researchers say by Robert McMillan
- Microsoft Security Bulletin MS01-017
- Microsoft, VeriSign, and Certificate Revocation by Gregory L. Guerin
- Crying Wolf: An Empirical Study of SSL Warning Effectiveness by Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor
- Wikipedia entry on EFF DES cracker
- SHA-1 hash function under pressure
- Schneier on Security, August 17, 2005
- OpenSSL timing attacks
- An alternate version of information about OpenSSL timing attacks
- Smart Card Technology and Security
- Smart Card Security (Section 3)
- The Internet Archive copy of Visual Studio Enables the Programmable Web
- Mark O'Neill's Web Services Security
- Why applying standards to Web services is not enough by Viega, J. and Epstein, J.
- Battered, but not broken: understanding the WPA crack by Glenn Fleishman
- Tutorial: How to Crack WPA/WPA2
- Analysis of the SSL 3.0 protocol by David Wagner and Bruce Schneier
- Nessus
- OpenSSL
- Stunnel
- SSL Digger
- Open Source Vulnerability Database (OSVDB)
Chapter 13: Authentication
Links from the text:
Chapter 14: Least privilege
Links from the text:
- Saltzer, J.H. and Schroeder, M.D., The Protection of Information in Computer Systems
- Least Privilege by Sean Barnum and Michael Gegick
- Build Security In Home
- Wikipedia entry on least privilege
- Applying the Principle of Least Privilege to User Accounts on Windows XP
- Least-Privilege Technology Still Swimming Upstream, But Making Progress by Tim Wilson
- The evolution of Java security by Larry Koved, Anthony Nadalin, Don Neal, and Tim Lawson
- Preventing Privilege Escalation by Niels Provos, Markus Friedl and Peter Honeyman, 12th USENIX Security Symposium, Washington, DC, August 2003.
- Information about Gentoo portage and privilege separation
- Postfix information
- Postfix security discussion
- How to design secure network applications based on privilege separation by Denis Ducamp
- Picture of OpenSSH privilege separation
- OpenBSD NTP daemon in OpenBSD 3.6 (and later)
Chapter 15: Authorization and Access Control
Links from the text:
Chapter 16: State and the web
Links from the text:
Chapter 17: Stack overflows for C/C++
Chapter 18: Other buffer overflows for C/C++
Chapter 19: Buffer overflows and interpreted languages
Chapter 20: Race conditions
Links from the text:
Chapter 21: Resource access
Chapter 22: Resource management
Chapter 23: Coding errors
SkillBridge Training
Examples from the class notes (or all as one file).
Selected Solutions from the class notes (no looking until you have solved the problems!). Note that all solutions are in an appendix of your course book.
All solutions in a compressed tar file.
Evaluation form (if needed)