. . All orders guaranteed and ship within 24 hours. Before placing your order for please contact us for confirmation on the book's binding. Check out our other listings to add to your order for discounted shipping.

Seller Inventory # WAL-N-5c-001655

Contact seller

Report this item

Bibliographic Details

Title: Exploiting Software: How to Break Code
Publisher: Addison-Wesley Professional
Publication Date: 2004
Language: English
ISBN 10: 0201786958
ISBN 13: 9780201786958
Binding: Soft cover
Condition: Good

About this title

Synopsis

Praise for Exploiting Software

“Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner. This book will help the reader understand how to make software quality part of the design―a key change from where we are today!”

         ― Tony Scott
             Chief Technology Officer, IS&S
             General Motors Corporation

“It’s about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play.”

         ― Bruce Schneier
             Chief Technology Officer
             Counterpane
             Author of Beyond Fear and Secrets and Lies

“Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the ‘worm of the day’ phenomenon requires that someone other than the bad guys understands how software is attacked. This book is a wake-up call for computer security.”

― Elinor Mills Abreu
Reuters’ correspondent

“Police investigators study how criminals think and act. Military strategists learn about the enemy’s tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the ‘white hats’ understand how the ‘black hats’ operate. Through extensive examples and ‘attack patterns,’ this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect themselves from the other). An excellent book for practicing security engineers, and an ideal book for an undergraduate class in software security.”

         ― Jeremy Epstein
             Director, Product Security & Performance
             webMethods, Inc.

“A provocative and revealing book from two leading security experts and world class software exploiters, Exploiting Software enters the mind of the cleverest and wickedest crackers and shows you how they think. It illustrates general principles for breaking software, and provides you a whirlwind tour of techniques for finding and exploiting software vulnerabilities, along with detailed examples from real software exploits. Exploiting Software is essential reading for anyone responsible for placing software in a hostile environment―that is, everyone who writes or installs programs that run on the Internet.”

         ― Dave Evans, Ph.D.
             Associate Professor of Computer Science
             University of Virginia

“The root cause for most of today’s Internet hacker exploits and malicious software outbreaks are buggy software and faulty security software deployment. In Exploiting Software, Greg Hoglund and Gary McGraw help us in an interesting and provocative way to better defend ourselves against malicious hacker attacks on those software loopholes. The information in this book is an essential reference that needs to be understood, digested, and aggressively addressed by IT and information security professionals everywhere.”

         ― Ken Cutler, CISSP, CISA
             Vice President, Curriculum Development & Professional Services,
             MIS Training Institute

“This book describes the threats to software in concrete, understandable, and frightening detail. It also discusses how to find these problems before the bad folks do. A valuable addition to every programmer’s and security person’s library!”

         ― Matt Bishop, Ph.D.
             Professor of Computer Science
             University of California at Davis
             Author of Computer Security: Art and Science

“Whether we slept through software engineering classes or paid attention, those of us who build things remain responsible for achieving meaningful and measurable vulnerability reductions. If you can’t afford to stop all software manufacturing to teach your engineers how to build secure software from the ground up, you should at least increase awareness in your organization by demanding that they read Exploiting Software. This book clearly demonstrates what happens to broken software in the wild.”

         ― Ron Moritz, CISSP
             Senior Vice President, Chief Security Strategist
             Computer Associates

“Exploiting Software is the most up-to-date technical treatment of software security I have seen. If you worry about software and application vulnerability, Exploiting Software is a must-read. This book gets at all the timely and important issues surrounding software security in a technical, but still highly readable and engaging, way. Hoglund and McGraw have done an excellent job of picking out the major ideas in software exploit and nicely organizing them to make sense of the software security jungle.”

         ― George Cybenko, Ph.D.
             Dorothy and Walter Gramm Professor of Engineering, Dartmouth
             Founding Editor-in-Chief, IEEE Security and Privacy

“This is a seductive book. It starts with a simple story, telling about hacks and cracks. It draws you in with anecdotes, but builds from there. In a few chapters you find yourself deep in the intimate details of software security. It is the rare technical book that is a readable and enjoyable primer but has the substance to remain on your shelf as a reference. Wonderful stuff.”

         ― Craig Miller, Ph.D.
             Chief Technology Officer for North America
             Dimension Data

“It’s hard to protect yourself if you don’t know what you’re up against. This book has the details you need to know about how attackers find software holes and exploit them―details that will help you secure your own systems.”

         ― Ed Felten, Ph.D.
             Professor of Computer Science
             Princeton University

“If you worry about software and application vulnerability, Exploiting Software is a must-read. This book gets at all the timely and important issues surrounding software security in a technical, but still highly readable and engaging way.”
         ―George Cybenko, Ph.D.
             Dorothy and Walter Gramm Professor of Engineering, Dartmouth
             Founding Editor-in-Chief, IEEE Security and Privacy Magazine

“Exploiting Software is the best treatment of any kind that I have seen on the topic of software vulnerabilities.”
         ―From the Foreword by Aviel D. Rubin
             Associate Professor, Computer Science
             Technical Director, Information Security Institute, Johns Hopkins University

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you--and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about

Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits

Exploiting Software is filled with the tools, concepts, and knowledge necessary to break software.

About the Author

Greg Hoglund has been a pioneer in the area of software security. He is CEO of HBGary, Inc., a leading provider of software security verification services. After writing one of the first network vulnerability scanners (installed in over half of all Fortune 500 companies), he created and documented the first Windows NT-based rootkit, founding rootkit.com in the process. Greg is a frequent speaker at Black Hat, RSA, and other security conferences.

Gary McGraw, Cigital's CTO, is a leading authority on software security. Dr. McGraw is coauthor of the groundbreaking books Building Secure Software and Exploiting Software (both from Addison-Wesley). While consulting for major software producers and consumers, he has published over ninety peer-reviewed technical publications, and functions as principal investigator on grants from DARPA, the National Science Foundation, and NIST's Advanced Technology Program. He serves on the advisory boards of Authentica, Counterpane, and Fortify Software. He is also an advisor to the computer science departments at University of California, Davis, and the University of Virginia, as well as the School of Informatics at Indiana University.

"About this title" may belong to another edition of this title.

Store Description

More Than Words (MTW) is a social enterprise that empowers youth who are in the foster care system, court involved, homeless, or out of school to take charge of their lives by taking charge of a business. By working as a team to manage their own retail and online used book business, caf�, and community space, youth develop the employment skills, leadership, and self-confidence they need to successfully transition to adulthood.

Visit Seller's Storefront

Seller's business information

More Than Words
376 Moody Street, Waltham, MA, 02453, U.S.A.

Sale & Shipping Terms

Terms of Sale

We guarantee the condition of every book as it�s described on the Abebooks web sites. If you�re dissatisfied with your purchase (Incorrect Book/Not as Described/Damaged) or if the order hasn�t arrived, you�re eligible for a refund within 30 days of the estimated delivery date. If you�ve changed your mind about a book that you�ve ordered, please use the Ask bookseller a question link to contact us and we�ll respond within 2 business days.

Right of cancellation

If you are a consumer you can cancel the contract in accordance with the following. Consumer means any natural person who is acting for purposes which are outside his trade, business, craft or profession.

INFORMATION REGARDING THE RIGHT OF CANCELLATION

Statutory Right to cancel

You have the right to cancel this contract within 14 days without giving any reason.

The cancellation period will expire after 14 days from the day on which you acquire, or a third party other than the carrier and indicated by you acquires, physical possession of the the last good or the last lot or piece.

To exercise the right to cancel, you must inform us, More Than Words, 376 Moody Street, 02453, Waltham, Massachusetts, U.S.A., 1 781-788-0035, of your decision to cancel this contract by a clear statement (e.g. a letter sent by post, fax or e-mail). You may use the attached model cancellation form, but it is not obligatory. You can also electronically fill in and submit a clear statement on our website, under "My Purchases" in "My Account". If you use this option, we will communicate to you an acknowledgement of receipt of such a cancellation on a durable medium (e.g. by e-mail) without delay.

To meet the cancellation deadline, it is sufficient for you to send your communication concerning your exercise of the right to cancel before the cancellation period has expired.

Effects of cancellation

If you cancel this contract, we will reimburse to you all payments received from you, including the costs of delivery (except for the supplementary costs arising if you chose a type of delivery other than the least expensive type of standard delivery offered by us).

We may make a deduction from the reimbursement for loss in value of any goods supplied, if the loss is the result of unnecessary handling by you.

We will make the reimbursement without undue delay, and not later than 14 days after the day on which we are informed about your decision to cancel with contract.

We will make the reimbursement using the same means of payment as you used for the initial transaction, unless you have expressly agreed otherwise; in any event, you will not incur any fees as a result of such reimbursement.

We may withhold reimbursement until we have received the goods back or you have supplied evidence of having sent back the goods, whichever is the earliest.

You shall send back the goods or hand them over to us or More Than Words, 376 Moody Street, 02453, Waltham, Massachusetts, U.S.A., 1 781-788-0035, without undue delay and in any event not later than 14 days from the day on which you communicate your cancellation from this contract to us. The deadline is met if you send back the goods before the period of 14 days has expired. You will have to bear the direct cost of returning the goods. You are only liable for any diminished value of the goods resulting from the handling other than what is necessary to establish the nature, characteristics and functioning of the goods.

Exceptions to the right of cancellation

The right of cancellation does not apply to:

the delivery of newspapers, journals or magazines with the exception of subscription contracts; and
the supply of digital content (including ebooks) which is not supplied on a tangible medium (e.g. on a CD or DVD) if you accepted when you placed your order that we could start to deliver it, and that you could not cancel it once delivery had started.

Model withdrawal form

(complete and return this form only if you wish to withdraw from the contract)

To: (More Than Words, 376 Moody Street, 02453, Waltham, Massachusetts, U.S.A., 1 781-788-0035)

I/We (*) hereby give notice that I/We (*) withdraw from my/our (*) contract of sale of the following goods (*)/for the provision of the following goods (*)/for the provision of the following service (*),

Ordered on (*)/received on (*)

Name of consumer(s)

Address of consumer(s)

Signature of consumer(s) (only if this form is notified on paper)

Date

* Delete as appropriate.

Shipping Terms

Shipping costs are based on books weighing 2.2 LB, or 1 KG. If your book order is heavy or oversized, we may contact you to let you know extra shipping is required.

Shipping rates within U.S.A.

Shipping rates within U.S.A.
Order quantity	5 to 14 business days	3 to 6 business days
First item	� 2.99	� 5.25

Delivery times are set by sellers and vary by carrier and location. Orders passing through Customs may face delays and buyers are responsible for any associated duties or fees. Sellers may contact you regarding additional charges to cover any increased costs to ship your items.