Sunday, March 25, 2007
Cohen on Howard: Chapter 15
Chapter 15 covers security for networks.
Cohen:
In Part 3, my hopes were dashed. Yes, part 2 continues in part 3. The separation is apparently only a trick to meet an administrative requirement of maximum section sizes, or perhaps a limitation of Word based on an integer overrun.
Cohen's joke is especially funny when you realize that David LeBlanc, a co-author of the book, produced the SafeInt library to prevent integer overflow attacks...while working for Microsoft Office.
Cohen:
Chapter 15 does a poor job of handling network issues with the exception of providing some reasonable advice on building firewall-friendly applications.
Cohen's review does a poor job of describing what is missing here. The chapter covers how to prevent local applications from hijacking a server's port, how to limit attack surface by binding as narrowly as possible to an interface, the insecurities of DNS, and how to write firewall-friendly applications, amongst other things.