Secure Network Server Programming on Unix
- Type
- Slides
- Tags
- network, secure development
- Authors
- Andreas Krennmair
- Event
- Chaos Communication Congress 23th (23C3) 2006
- Indexed on
- Mar 27, 2013
- URL
- http://events.ccc.de/congress/2006/Fahrplan/attachments/1119-trapdoor.pdf
- File name
- 1119-trapdoor.pdf
- File size
- 132.4 KB
- MD5
- 49172a41c6c3fe22e521e7c14dba580c
- SHA1
- 9785379388950ab17f885eb044253548de64414e
This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors. This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of ''state of the art'' programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the ''principle of least privileges'', preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
