CHAPTER 2: SECURE SYSTEMS DESIGN
    try {
        /* Parse the HTTP request. */
        StringTokenizer st = new StringTokenizer (request, " ");
        command = st.nextToken();
        pathname = st.nextToken();
    } catch (Exception e) {
        osw.write ("HTTP/1.0 400 Bad Request\n\n");
        osw.close();
        return;
    }

In the preceding code, note that the calls to the StringTokenizer are enclosed in a try...catch block. Should anything go wrong during the parsing of the HTTP request (for instance, a request line that does not contain both a command and a pathname), the catch handler will be invoked, the client will be notified that the request was bad, and the connection to the client will be closed.
2.5.2. Sharing Requirements with Quality Assurance (QA)
If a company uses a well-designed software development process, the requirements should be provided to at least two sets of people: (1) the designers and implementers of the software and (2) the testers that make up the quality assurance (QA) team. The designers and implementers produce code, and the testers generate test plans based on the requirements. One might imagine that, given the preceding requirement, a tester might generate a test case for a malformed HTTP request. A client simply sending a carriage return as an HTTP request is one type of malformed HTTP request. There are, of course, many other types of malformed HTTP requests that could be generated. (For examples, see the "Crafting Malicious Input" chapter in Exploiting Software: How to Break Code, by Greg Hoglund and Gary McGraw.) If a test plan for SimpleWebServer covered malformed HTTP headers, then the hope is that the vulnerability would get caught during testing. However, without proper requirements, it may be hard to generate a good test plan, and hence hard to prevent software security vulnerabilities.

When test plans are generated, there should not only be test cases that test the functional correctness of the software, but there should also be test cases generated for security. A functional test case tests that a software feature functions correctly when provided proper input. On the other hand, a security test case tests that a software feature does not malfunction when provided improper or malicious input. Some companies hire both functional QA and security QA engineers, who are responsible for generating different types of test cases.

Even with a good test plan, there may be an infinite number of HTTP requests with malformed headers that one can construct, and it is not sufficient to rely only on the cases in a test plan; the code that processes HTTP headers should be manually inspected for security holes, in addition to correctness and performance, during code review.
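As an added illustration (not code from the book or from SimpleWebServer), the following stand-in for the guarded request parsing shows what security test cases look like next to a functional one: every malformed request, including the bare carriage return discussed above, must be answered with 400 rather than crashing the server. The class, method and record names are assumptions.

```java
import java.util.List;
import java.util.StringTokenizer;

/* Hypothetical stand-in for SimpleWebServer's request parsing (added example). */
public class RequestParsingTests {

    /** Result of parsing one request line: HTTP status plus the tokens extracted. */
    record Parsed(int status, String command, String pathname) {}

    /** Mirrors the guarded parse: any failure to extract two tokens yields 400. */
    static Parsed parseRequest(String request) {
        try {
            StringTokenizer st = new StringTokenizer(request, " ");
            String command = st.nextToken();   // throws NoSuchElementException on ""
            String pathname = st.nextToken();  // throws when only the command is present
            return new Parsed(200, command, pathname);
        } catch (Exception e) {
            return new Parsed(400, null, null);
        }
    }

    public static void main(String[] args) {
        // Functional test case: well-formed input must parse.
        check("functional: GET /index.html", parseRequest("GET /index.html HTTP/1.0").status() == 200);

        // Security test cases: constructed malformed inputs must be rejected, never crash the server.
        // "" is what readLine() hands the parser when the client sends only a carriage return.
        List<String> malformed = List.of("", "\n", "GET", "   ", "GET\n/index.html");
        for (String req : malformed) {
            check("security: \"" + req.replace("\n", "\\n") + "\"", parseRequest(req).status() == 400);
        }
    }

    static void check(String name, boolean ok) {
        System.out.println((ok ? "PASS " : "FAIL ") + name);
    }
}
```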
While such a vulnerability in the web server seems overly simplistic, similar types of vulnerabilities do occur in real-world software. A vulnerability in which sending a packet of data may cause a server to crash or shut down unexpectedly is called a ping-of-death or packet-of-death attack. For instance, Nokia developed a wireless gateway router called a GGSN that was susceptible to such a vulnerability (Whitehouse, Grand, and Hassick 2003). The Nokia GGSN is a specialized router that accepts data packets that are sent to it from wireless phones over a generalized packet radio service (GPRS) network, and forwards those packets on to the Internet. Unfortunately, due to a software bug in IP packet processing code in the gateway, if a single wireless phone user sent an IP data packet with a TCP Option field set to the value 0xFF, the GGSN would shut down and wireless data service would become unavailable to all users of that GGSN.
2.5.3. Handling Internal Errors Securely
Sometimes programmers do not know how to handle an error, or may not be able to think of any reasonable action to take when an error occurs, so they simply output "Internal Error" or abort/exit the application. In the case of the Nokia GGSN, an unhandled error caused the operating system kernel to panic and shut down. While the unhandled error resulted in a serious vulnerability in itself in the case of the Nokia GGSN, sometimes internal errors are used as a stepping stone to construct more sophisticated attacks. One of the first steps that attackers can take in breaking into an application is to try to think of some corner cases that the application probably has not handled, and force it into a state that the programmer who wrote the application did not expect.

For instance, we have run across such types of errors in web applications. One particular web application that we have worked with in the past would assign each of its clients a session-id when the client would first connect to the web server. The session-id was simply a number that allowed the server to keep track of the sequence of actions made by that client. Think of the typical client as one that might be browsing through a product catalog, occasionally adding a product to an online shopping cart. The web server would send a session-id to the client when the client first connected, and it would expect the client to send back that session-id on each subsequent request to the web server to allow it to track all the items that the client added to his shopping cart.[6]

In this particular case, the web application had a vulnerability due to an internal error. If the client did not send back its session-id, the web application would not know what to do, and would output a web page displaying "Internal Error" to the client. When we were playing with the web application, we had tried not sending the session-id back to the server, and noticed the "Internal Error" response. This was a tip-off that the web application programmer had not handled an important error condition. After receiving the "Internal Error" message, we hit the browser's reload button, and, to our surprise, we were able to continue using the application. To our further surprise, we found that the items in our shopping cart were not the ones that we had selected prior to not sending our session-id. It turned out that the way that the application handled the internal error of not being sent a session-id was to assign the client the session-id of the user that was last logged in. All that we had to do was wait for the administrator to log in and then submit a request with a missing session-id in order to get the administrator's session-id and all of the privileges that come with it. Of course, we did not quite know when the administrator would log in next, but we just waited and tried not sending back a session-id every now and then. Eventually, the administrator logged in, and we were able to hijack the administrator's session. All that we did was change the administrator's password to "cracked" and e-mail him to let him know that he had an exploitable vulnerability in his system.
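The session-id failure described above, as an added example that is neither the application's nor the book's code: the vulnerable lookup falls back to the most recently logged-in user when the cookie is missing, while the hardened version fails closed and reports no authenticated user at all. The in-memory store, user names and session-ids are constructed for the example.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

/* Added example: how a session lookup should fail when the session-id is absent. */
public class SessionLookup {

    /** Constructed in-memory session store: session-id -> user name. */
    private final Map<String, String> sessions = new HashMap<>();
    /** The "most recently logged-in user" the vulnerable application fell back to. */
    private String lastLoggedIn;

    void login(String sessionId, String user) {
        sessions.put(sessionId, user);
        lastLoggedIn = user;
    }

    /** Vulnerable behaviour from the text: a missing or unknown session-id is "handled"
     *  by handing the request whichever user logged in last. */
    String userForRequestVulnerable(String sessionId) {
        if (sessionId == null || !sessions.containsKey(sessionId)) {
            return lastLoggedIn;   // the internal error silently becomes someone else's session
        }
        return sessions.get(sessionId);
    }

    /** Fail-closed version: no cookie, or an unknown one, means no authenticated user.
     *  The caller treats an empty Optional as "send the client to the login page". */
    Optional<String> userForRequestSafe(String sessionId) {
        if (sessionId == null) {
            return Optional.empty();
        }
        return Optional.ofNullable(sessions.get(sessionId));
    }

    public static void main(String[] args) {
        SessionLookup app = new SessionLookup();
        app.login("s-1001", "alice");
        app.login("s-1002", "admin");   // the administrator happens to log in last
        // A request arrives with no session-id cookie at all.
        System.out.println("vulnerable lookup resolves to: " + app.userForRequestVulnerable(null));
        System.out.println("safe lookup resolves to: "
                + app.userForRequestSafe(null).orElse("<no user; login required>"));
    }
}
```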
[6] The session ID was sent to the client in a cookie (cookies will be covered further in Chapter 7). Browsers automatically send cookies back to web servers as per the HTTP specification. However, what if the browser doesn't conform to specification