Secure Programming for Linux and Unix HOWTO (PDF 168P)
Secure Programming for Linux and Unix HOWTO (PDF 168P)
Secure Programming for Linux and Unix HOWTO (PDF 168P)
This note covers the following topics: background, history of unix,
linux, and open source, security principles, why do programmers write insecure
code?, is open source good for security?, types of secure programs, paranoia is
a virtue, why did i write this document?, sources of design and implementation
guidelines, other sources of security information, document conventions, summary
of linux and unix security features, processes, files, system v ipc, sockets and
network connections, signals, quotas and limits, dynamically linked libraries,
audit, pam, specialized security extensions for unix-like systems, security
requirements, common criteria introduction, security environment and
objectives,validate all input, command line, environment variables, file
descriptors, file names, file contents, web-based application inputs (especially
cgi scripts), other inputs, human language (locale) selection, character
encoding, prevent cross-site malicious content on input, filter html/uris that
may be re-presented, remove or forbid some html data, encoding html data,
validating html data, validating hypertext links (uris/urls), other html tags,
related issues, forbid http get to perform non-queries, counter spam, limit
valid input time and load level, avoid buffer overflow, dangers in c/c++,
library solutions in c/c++, standard c library solution, static and dynamically
allocated buffers, strlcpy and strlcat, libmib, c++ std
This manual is an
introduction to Linux system administration. It covers, after an introduction to
the significance and problems of system administration, the basics of process,
user account, and access control management, the management of disk partitions,
file systems, and quotas, common boot loaders, the system start and shutdown
process, PC hardware, and library and package management.
This note covers the
following topics: modifying and hacking security tools, writing plugins for
nessus, developing dissectors and plugins for the ettercap network sniffer,
extending hydra and nmap, writing plugins for the nikto vulnerability scanner,
writing modules for the metasploit framework, extending code analysis to the
webroot, modifying and hacking security tools, fun with linux kernel modules,
developing web assessment tools and scripts, automated exploit tools, writing
network sniffers, writing packetinjection tools, colophon.
This note covers the following topics: background, history of unix,
linux, and open source, security principles, why do programmers write insecure
code?, is open source good for security?, types of secure programs, paranoia is
a virtue, why did i write this document?, sources of design and implementation
guidelines, other sources of security information, document conventions, summary
of linux and unix security features, processes, files, system v ipc, sockets and
network connections, signals, quotas and limits, dynamically linked libraries,
audit, pam, specialized security extensions for unix-like systems, security
requirements, common criteria introduction, security environment and
objectives,validate all input, command line, environment variables, file
descriptors, file names, file contents, web-based application inputs (especially
cgi scripts), other inputs, human language (locale) selection, character
encoding, prevent cross-site malicious content on input, filter html/uris that
may be re-presented, remove or forbid some html data, encoding html data,
validating html data, validating hypertext links (uris/urls), other html tags,
related issues, forbid http get to perform non-queries, counter spam, limit
valid input time and load level, avoid buffer overflow, dangers in c/c++,
library solutions in c/c++, standard c library solution, static and dynamically
allocated buffers, strlcpy and strlcat, libmib, c++ std