By Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
Final Release Date: November 2007
The black hats have kept up with security enhancements. Haveyou?
In the technological arena, three years is a lifetime. Since thefirst edition of this book was published in 2004, built-in securitymeasures on compilers and operating systems have becomecommonplace, but are still far from perfect. Arbitrary-codeexecution vulnerabilities still allow attackers to run code oftheir choice on your system—with disastrous results.
In a nutshell, this book is about code and data and what happenswhen the two become confused. You'll work with the basic buildingblocks of security bugs—assembler, source code, the stack,the heap, and so on. You'll experiment, explore, and understand thesystems you're running—and how to better protect them.
Become familiar with security holes in Windows, Linux, Solaris,Mac OS X, and Cisco's IOS
Learn how to write customized tools to protect your systems, notjust how to use ready-made ones
Use a working exploit to verify your assessment when auditing anetwork
Use proof-of-concept exploits to rate the significance of bugsin software you're developing
Assess the quality of purchased security products by performingpenetration tests based on the information in this book
Understand how bugs are found and how exploits work at thelowest level
The Shellcoder's Handbook, 2nd Edition
Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte