Develop Reference

how do they do it? [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
i am a senior developer and I'm trying to advance my knowledge of security to a deeper level. That is to say that i know what these hackers can do/what the risks are, but I'd like to know how they do it in general. On that note, if anyone can enlighten me on the following items, i would be most grateful:
Packet sniffing: I know that packets can be sniffed out and analyzed, but how do they do it? my understanding was that in order to do this, there would need to be actual software running on the server itself since it needs access to the network card to do so... is that accurate? If not, how can they remotely capture incoming packets to a server without access to that box directly?
Session Hijacking: Once again, i am confused here. I know they can do it, but how? The session ID is issues by the server itself, and then returned to the browser based on what? the caller's ip address? mac address? what is used by these hackers to capture the session id from a web session? is it software on a pc that is infected?
Site Hijacking: again, i know they can do this, but from my current knowledge, this would mean that they would have to have hijacked/infected a DNS publishing server and redirecting queries for that site to their choice of IP address... again: is that accurate?
Hijacking a server: how is this possible? how can an open port, for example, allow any hacker to gain full fledged access yo a box so that they can infect it or install some piece of software that would enable 1, 2 and 3 above? My current understanding is that ports are used to communicate, but that unless some software/service is monitoring that port and waiting for commands, nothing would come of that port being open... is that accurate? and if so, why is so much importance given to ports being closed and such?
Hijacking some super secure site: i work every day with security in mind, and constantly use things like: SSL, RSA, SHA512, SSL TOKENS, IP restriction, etc... my question is: how in the crapper are they STILL able to get in with all of these things enabled?
i know that's a lot of stuff, but i really am curious and want to take my security knowledge to the next level. If you're a developer with the same mindset as me, you have issues just using some pre-built library or control without knowing what it does in the background in details, and you'll understand why I'm not happy just knowing which protocols, libraries or encryption methods to implement.
Know the enemy, right?

First of all, I love hacking (only for good), and I think the more people are educated about it the safer we all will be, so I applaud you for your curiosity.
These are great questions, but a good answer would literally require an entire book or two. I have read all of these books in my studies and I personally recommend them. I recommend the following to get you started:
This will get you started with basic tools and techniques. This book doesn't go very deep so if you're looking for the meat, skip it and read the other three unless you are very new to security: The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Patrick Engebretson (Full disclosure, the author was a professor of mine at DSU. The book rocks though)
For a relatively deep introduction to security, including an excellent background in OSes and networking:Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition), Edward Skoudis (probably my favorite book of all time)
To dive very deep (Assembly language level) into how the attacks work:Hacking, The Art of Exploitation, Jon Erickson
To dive deeply into the Web app side of things:The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, Dafydd Stuttard, Marcus Pinto (Full disclosure, the technical editor was a professor of mine at DSU)

Portal : Do I really need a Portal [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
Do I really need a Portal ??
Always one question comes to my mind , why do people go for Portal development , can't they manage with a normal web aplication , managing the UI Page with different sections? I am sorry if my question is not valid.
Or In what scenarios do we actually need a web Portal?

Managing a UI page with different sections is fine if your users are using only your application. However, a portal allows your users to use multiple applications (and many of them not created by you) and kind of 'aggregate' their content on one page; well at least have a place which provides easy access to them on one page. The emphasis here is on multiple applications; these are applications that you as a developer may have no control over; they may have been written by a third party (such as Google, or any other developer).
The items on a portal page may not necessarily be from the problem domain that you are developing for. There's no reason why a user can't put the local weather on the same page that he's examining the inventory for his company.
Portals provide a single point of entry; that's the key point. A portal also provides some other niceties such as managed logins. If you are creating an application for a customer, and you don't have a need for a portal, a portal may be overkill (and probably is, if you have to ask).

Can someone tell me breifly how sharepoint works? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 12 years ago.
I have been trying to find a simple answer for a while now but I can't seem to get a direct answer?! Can someone please put it into simple terms? Thanks it would be much appreciated

SharePoint is a content management system (CMS) build with an ASP.NET front end, and an XML based backend running on IIS and SQL Server.
A good start is wikipedia:
http://en.wikipedia.org/wiki/Microsoft_SharePoint

Sharepoint is just a one stop shop portal. It allows you to manage documents, provide workflow, and collaboration. It even can be built to work like a CRM system, especially the 2010 version which is .net based.
All in all it is a good intranet tool for a company big or small. It can handle documents and provide information like when the document was updated, what was updated, checking in / out documents.
It also allows you to post notes, reminders, notifications for company wide functional groups. You can strict it to be departmental. It is a monster that is based on a SQL SERVER backend with some notorious tables. You can build lists of any sort, import Excel data, and create performance indicators for things like reports or management content.
Just a very large CMS (can be CRM) / Document Mgmt / Anything embedded from .net system.

Sharepoint is a system for shared calenders, appointments, discussions, document tracking, crm and cms solutions...
Good for internal use - but can equally be used external public face content manageable sites.

What should every programmer know about security? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I am an IT student and I am now in the 3rd year in university. Until now we've been studing a lot of subjects related to computers in general (programming, algorithms, computer architecture, maths, etc).
I am very sure that nobody can learn every thing about security but sure there is a "minimum" knowledge every programmer or IT student should know about it and my question is what is this minimum knowledge?
Can you suggest some e-books or courses or anything can help to start with this road?

Principles to keep in mind if you want your applications to be secure:
Never trust any input!
Validate input from all untrusted sources - use whitelists not blacklists
Plan for security from the start - it's not something you can bolt on at the end
Keep it simple - complexity increases the likelihood of security holes
Keep your attack surface to a minimum
Make sure you fail securely
Use defence in depth
Adhere to the principle of least privilege
Use threat modelling
Compartmentalize - so your system is not all or nothing
Hiding secrets is hard - and secrets hidden in code won't stay secret for long
Don't write your own crypto
Using crypto doesn't mean you're secure (attackers will look for a weaker link)
Be aware of buffer overflows and how to protect against them
There are some excellent books and articles online about making your applications secure:
Writing Secure Code 2nd Edition - I think every programmer should read this
Building Secure Software: How to Avoid Security Problems the Right Way
Secure Programming Cookbook
Exploiting Software
Security Engineering - an excellent read
Secure Programming for Linux and Unix HOWTO
Train your developers on application security best pratices
Codebashing (paid)
Security Innovation(paid)
Security Compass (paid)
OWASP WebGoat (free)

Rule #1 of security for programmers: Don't roll your own
Unless you are yourself a security expert and/or cryptographer, always use a well-designed, well-tested, and mature security platform, framework, or library to do the work for you. These things have spent years being thought out, patched, updated, and examined by experts and hackers alike. You want to gain those advantages, not dismiss them by trying to reinvent the wheel.
Now, that's not to say you don't need to learn anything about security. You certainly need to know enough to understand what you're doing and make sure you're using the tools correctly. However, if you ever find yourself about to start writing your own cryptography algorithm, authentication system, input sanitizer, etc, stop, take a step back, and remember rule #1.

Every programmer should know how to write exploit code.
Without knowing how systems are exploited you are accidentally stopping vulnerabilities. Knowing how to patch code is absolutely meaningless unless you know how to test your patches. Security isn't just a bunch of thought experiments, you must be scientific and test your experiments.

Security is a process, not a product.
Many seem to forget about this obvious matter of fact.

I suggest reviewing CWE/SANS TOP 25 Most Dangerous Programming Errors. It was updated for 2010 with the promise of regular updates in the future. The 2009 revision is available as well.
From http://cwe.mitre.org/top25/index.html
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.

A good starter course might be the MIT course in Computer Networks and Security. One thing that I would suggest is to not forget about privacy. Privacy, in some senses, is really foundational to security and isn't often covered in technical courses on security. You might find some material on privacy in this course on Ethics and the Law as it relates to the internet.

The Web Security team at Mozilla put together a great guide, which we abide by in the development of our sites and services.

The importance of secure defaults in frameworks and APIs:
Lots of early web frameworks didn't escape html by default in templates and had XSS problems because of this
Lots of early web frameworks made it easier to concatenate SQL than to create parameterized queries leading to lots of SQL injection bugs.
Some versions of Erlang (R13B, maybe others) don't verify ssl peer certificates by default and there are probably lots of erlang code that is susceptible to SSL MITM attacks
Java's XSLT transformer by default allows execution of arbitrary java code. There has been many serious security bugs created by this.
Java's XML parsing APIs by default allow the parsed document to read arbitrary files on the filesystem. More fun :)

You should know about the three A's. Authentication, Authorization, Audit. Classical mistake is to authenticate a user, while not checking if user is authorized to perform some action, so a user may look at other users private photos, the mistake Diaspora did. Many, many more people forget about Audit, you need, in a secure system, to be able to tell who did what and when.

Remember that you (the programmer) has to secure all parts, but the attacker only has to succeed in finding one kink in your armour.
Security is an example of "unknown unknowns". Sometimes you won't know what the possible security flaws are (until afterwards).
The difference between a bug and a security hole depends on the intelligence of the attacker.

I would add the following:
How digital signatures and digital certificates work
What's sandboxing
Understand how different attack vectors work:
Buffer overflows/underflows/etc on native code
Social engineerring
DNS spoofing
Man-in-the middle
CSRF/XSS et al
SQL injection
Crypto attacks (ex: exploiting weak crypto algorithms such as DES)
Program/Framework errors (ex: github's latest security flaw)
You can easily google for all of this. This will give you a good foundation.
If you want to see web app vulnerabilities, there's a project called google gruyere that shows you how to exploit a working web app.

when you are building any enterprise or any of your own software,you should just think like a hacker.as we know hackers are also not expert in all the things,but when they find any vulnerability they start digging into it by gathering information about all the things and finally attack on our software.so for preventing such attacks we should follow some well known rules like:
always try to break your codes(use cheatsheets & google the things for more informations).
be updated for security flaws in your programming field.
and as mentioned above never trust in any type of user or automated inputs.
use opensource applications(their most security flaws are known and solved).
you can find more security resource on the following links:
owasp security
CERT Security
SANS Security
netcraft
SecuritySpace
openwall
PHP Sec
thehackernews(keep updating yourself)
for more information google about your application vendor security flows.

Why is is important.
It is all about trade-offs.
Cryptography is largely a distraction from security.

For general information on security, I highly recommend reading Bruce Schneier. He's got a website, his crypto-gram newsletter, several books, and has done lots of interviews.
I would also get familiar with social engineering (and Kevin Mitnick).
For a good (and pretty entertaining) book on how security plays out in the real world, I would recommend the excellent (although a bit dated) 'The Cuckoo's Egg' by Cliff Stoll.

Also be sure to check out the OWASP Top 10 List for a categorization of all the main attack vectors/vulnerabilities.
These things are fascinating to read about. Learning to think like an attacker will train you of what to think about as you're writing your own code.

Salt and hash your users' passwords. Never save them in plaintext in your database.

Just wanted to share this for web developers:
security-guide-for-developershttps://github.com/FallibleInc/security-guide-for-developers

Good resources on security, hacking etc? [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am interested in learning about how hackers find and exploit vulnerabilities. Specifically about windows hacking and web hacking i.e. I’m NOT interested in linux/unix stuff.
Are there any good websites with technical articles about specifically how to find, exploit and block vulnerabilities with code samples and tools used.
I can do a quick search and there are a load of sites but i'm looking for something with a little more quality geared towards an audience with a programming and web background.
Even a good book but only if it's windows/web specific
Thanks a lot

Smashing the Stack for Fun and Profit is the classic Phrack article on writing buffer overflow exploits.

A good starting point for a web developper would be the Open Web Application Security Project (OWASP). They have a lot of ressources on the subject of Web Application Security and on some on application security in general. You can get some of the wisdom of that side in book form.

Try Simpson Garfinkel's book on web security first.

I highly recommend:
Hacking: The Art of Exploitation
Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook

I liked the Web Security Testing Cookbook. Some non-Windows stuff in there. The focus is on testing and using tools to find problems.

Subscribe to Schneier on Security. It's a great security blog.

For web hacking I recommend reading the book The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (very good book with lots of examples. It also shows you the tools which will get you started).
Also for web hacking I recommend completing and understanding all the challenges you can solve by downloading the WebGoat

See the top 100 network security tools list at http://sectools.org/.

Don't get me wrong but if you really want to understand security stuff, Linux is really the way to go. There, you'll really learn the fundamental, i.e. things that is important everywhere (encryption, ASM, programming, protocols, [etc]). However, on Linux, you'll be able to read real code and use/find real exploit (and of course, send bug fix). You'll also find a lot more documentation and a really nice community.
I know I'm biased toward Linux and you'll probably think I completely missed your question. However, I know friends of mine who asked me the same question and I told them what I've just told you.
Once you know the base, you can easily find the documentation you want (reading RFC, learning new languages, architectures, tools, source code, etc..) This is by far better then to know a procedure to execute an exploit without understanding why it exists.
One last thing, the best hacker does't find exploit by guessing.. they have a perfect understanding on the underlying structure and see something wrong. Then, some exploit it, other send a patch to fix it - this is not the right place to argue about it - however, they are both experts in this domain.

I think what you'll need would be to join some hackers community which would provide many missions where you'd have to find the exploits yourself....
understand that if you have learn hacking you'd have to hack something......
www.enigmagroup.org would be an useful one...
www.securitytube.net from here you can get videos on almost every security related issue...