Chapter 16. Network Application Protocols

“When the going gets weird the weird turn pro.”

Hunter S. Thompson

Introduction

Chapter 14, “Network Protocols,” examined auditing low-level functionality in IP stacks in modern operating systems and other devices that perform some level of network functionality, security, or analysis. Applications that communicate over the Internet typically implement higher-level protocols and use those previously examined TCP/IP components only as a transport mechanism. Code implementing these higher-level protocols is exposed to attack from untrusted sources. A large percentage of the codebase is dedicated to parsing data from remote machines, and that data is usually expected to conform to a set of protocol specifications. ...

Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.