
Introduction

development process, including buffer overflows, race conditions, input validation attacks, authentication attacks, authorization attacks, and cryptographic attacks, and how we might mitigate these by following secure coding guidelines. We talk about Web security and the areas of concern on both the client side and the server side of the technology. We introduce database security and cover protocol issues, unauthenticated access, arbitrary code execution, and privilege escalation, and the measures that we might take to mitigate such issues. Lastly, we examine security tools from an application perspective, including sniffers such as Wireshark, fuzzing tools including some developed by Microsoft, and Web application analysis tools such as Burp Suite in order to better secure our applications.

CONCLUSION

Writing this book was an adventure for the author, as always. We hope that you enjoy the end result and that we expand your view into the world of information security. The security world can be an interesting and, at times, hair-raising field to work in. Welcome and good luck!