Secure Coding - PowerPoint PPT Presentation

About This Presentation

Title: Secure Coding

Description: Best Practices General (cont.) Set Permissions to Minimal Required (Least Privilege ... Don't Offload Security to the Client. Centralize I/O Check Functions ... – PowerPoint PPT presentation

Number of Views:845
Avg rating:3.0/5.0
Slides: 20
Provided by: wea9
Learn more at: http://www.dc214.org
Transcript and Presenter's Notes

1
Secure Coding
Weaselnomad mobile research centre
2
Introduction
3
Outline
  • Vulnerabilities Overview
  • Types of Vulnerabilities
    • General
    • Language Specific
  • Best Practices
    • General
    • Language Specific
  • Tools
  • Conclusion
  • Q & A
  • Links

4
Vulnerabilities
5
Types of Vulnerabilities
  • Buffer Attacks
    • Buffer Overflow
    • Buffer Parsing
  • Format String Attacks
    • %s in logging/debugging routines
  • Race Conditions
    • World-writable temp files
    • Server/Client MITM
  • Authentication Attacks
  • Authorization Attacks
    • Holes in Authorization Mechanism
    • Too Much Trust of User Input
  • Cryptography Attacks
    • Weak Algorithms
    • Poor Implementation

6
Best Practices
7
Best Practices - General
  • Protect User Input
    • Restrict Input (and Output) to Acceptable Characters
    • Restrict and Flush the Buffer Properly
  • Use Well-Tested Code
    • Especially for Parsing
  • Code Reviews
    • By !You (someone other than the author)
    • Prioritize and Schedule
  • Policies and Guidelines
    • Comprehensive Guidelines w/ Sign-off
    • Enforce the Policy
  • Set PATH Environment Variable

8
Best Practices - General (cont.)
  • Set Permissions to Minimal Required (Least Privilege Principle)
  • Don't Use Copy Functions that Do Not Check the Buffer Length
  • Don't Offload Security to the Client
  • Centralize I/O Check Functions
  • Validate/Be Aware of Environment Variables (e.g. an altered IFS to change command line switches, or multiple entries for the same variable)
  • Robust Error Handling (Fail Safe)

9
Best Practices - C
  • Use Protected String Functions
    • strncpy() > strcpy()
    • strncat() > strcat()
    • snprintf() > sprintf()
    • fgets() > gets()
  • Use exec() instead of system()
    • buffer: /bin/ls /bin/cp /etc/shadow /shadow
    • system(buffer)
      • /bin/ls
      • /bin/cp /etc/shadow /shadow
    • exec(buffer)
      • /bin/passwd

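As an added example (not code from the slides), the four string-function substitutions above written out with the check each one still needs; the function names and the fixed-size destination buffer are assumptions made for the illustration:

```c
/* Added example, not from the slides: the "protected" string functions
 * with the caveats a reviewer checks for. Assumes a fixed destination
 * buffer of dstsz bytes that must always end up NUL-terminated. */
#include <stdio.h>
#include <string.h>

/* strncpy() does NOT NUL-terminate when src fills the buffer, so always
 * terminate by hand. Returns 1 if the input was truncated, else 0. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    if (dstsz == 0)
        return 1;
    strncpy(dst, src, dstsz - 1);
    dst[dstsz - 1] = '\0';
    return strlen(src) >= dstsz;
}

/* strncat()'s length argument is the room left, not the buffer size. */
int append_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t used = strlen(dst);
    if (dstsz == 0 || used >= dstsz - 1)
        return 1;
    strncat(dst, src, dstsz - 1 - used);
    return used + strlen(src) > dstsz - 1;
}

/* snprintf() returns the length it wanted to write; compare it against
 * the buffer size to detect truncation instead of silently losing data. */
int format_bounded(char *dst, size_t dstsz, const char *user)
{
    /* user input goes in as an argument, never as the format string:
     * that is the "%s in logging routines" bug from the vulnerabilities slide */
    int n = snprintf(dst, dstsz, "login: %s", user);
    return n < 0 || (size_t)n >= dstsz;
}

/* fgets() reads at most dstsz-1 bytes where gets() has no limit; strip the
 * newline so callers see the same result whether or not the line fit. */
int read_line_bounded(char *dst, size_t dstsz, FILE *in)
{
    if (fgets(dst, (int)dstsz, in) == NULL)
        return -1;
    size_t len = strlen(dst);
    if (len && dst[len - 1] == '\n')
        dst[--len] = '\0';
    return (int)len;
}
```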
10
Best Practices - Web
  • Strip/Deny Unwanted User Input
    • Meta Characters
    • Value Assignments
  • Check Buffer Length Upon Input/Output/Copy
  • Parse with Well-Known Libraries
    • e.g. CGI.pm for Perl
  • Don't Store Access Information in Accessible Sources
    • You never know when MOD_PHP is going to dump your source

11
Tools
Credit to John Marchesini
12
Tools - Black Box Testing
  • Passive Monitoring
    • Wired Sniffing: Ethereal, tcpdump, Sniffer Pro (Ettercap for switched networks)
    • Wireless Sniffing: Kismet, Airsnort, etc.
    • IDS/IPS (very limited use)
  • Active Attacks
    • Local Attacks: QA Applications, Macro Tools
    • Remote Attacks: Netcat, telnet

13
Tools - Component Testing
  • Library and API Calls, Persistent State
    • strace, ltrace (*nix)
    • Sysinternals.com (several Windows tools)
    • System Tools: top, ps, etc.
  • Runtime Injection
    • BEAST
  • Reverse Engineering
    • Disassemblers/Debuggers
      • SoftICE, DataRescue's IDA Pro, OllyDbg

14
Tools - Source Code Review
  • RATS, Flawfinder, ITS4, Klocwork (Static)
  • CodeAssure Suite (both Static and Binary)
  • NOTE: As with many security tools, or tools in general, these tools provide output for analysis; they do not replace a skilled reviewer.

15
Conclusion
16
Q & A
17
Links
  • Secure Programming for Linux and UNIX HOWTO: Creating Secure Software
    • http://www.dwheeler.com/secure-programs
  • Secure UNIX Programming FAQ
    • http://www.whitefang.com/sup
  • NCSA Secure Programming Guidelines
    • http://archive.ncsa.uiuc.edu/Grid/ACES/security/programming
  • How to Write Secure Code
    • http://www.shmoo.com/securecode
  • SECPROG
    • http://www.securityfocus.com/frames/?content/forums/secprog/intro.html
  • INFOCUS: Secure Coding (David Wong)
    • http://www.securityfocus.com/infocus/1596

18
Links - Tools
  • SPIKE: http://www.resources-freesoftware.shtml
  • BEAST: http://www.sisecure.com/company/ourtechnology/beast.shtml
  • ltrace: http://freshmeat.net/projects/ltrace
  • Ethereal: http://www.ethereal.com
  • Netcat: http://netcat.sourceforge.net
  • IDA Pro: http://www.datarescue.com
  • Flawfinder: http://www.dwheeler.com/flawfinder
19
Links - Tools (Cont.)
  • ITS4: http://www.citigal.com/its4/
  • Kismet: http://www.kismetwireless.net/
  • Klocwork: http://www.klocwork.com/products/inspect.asp
  • OllyDbg: http://home.t-online.de/home/Ollydbg
  • Ettercap: http://ettercap.sourceforge.net
  • RATS: http://www.securesoftware.com
  • SoftICE: www.compuware.com/products/driverstudio/softice.html