
Book Review: Exploiting Software

About.com Rating 5 Star Rating

From , former About.com Guide

Exploiting Software: How To Break Code

The Bottom Line

Network security administrators have had the advantage of books like Hacking Exposed for years. Exploiting Software is for software developers what Hacking Exposed is for network administrators. This book will help software developers understand how crackers find and exploit holes in their code so they can proactively write better code to protect it. This is a must-read book for software developers.

Pros

  • Engaging and provocative coverage of this important topic
  • The "Hacking Exposed" for software developers
  • Must-read information for any software developer

Cons

  • None

Description

  • Covers cracker tools and techniques: reverse engineering, rootkits and more
  • Detailed coverage of attack methods and how to write code that protects against these attacks
  • Provocative scenarios provide framework to help you understand the topic
  • Engaging and well-written. Should be required reading for software developers

Guide Review - Book Review: Exploiting Software

Once an attacker has done some homework to find IP addresses and TCP ports that might be open to attack and has located a target system, it is often a vulnerable application running on that system that provides the door to compromise it.

Hacking Exposed and the whole genre of hacker technique and defense books provide a window for network and security administrators to peer into the world of the malicious hacker and understand how an attacker would go about finding weaknesses in their networks to exploit and attack. Using this information, the network administrator can develop defenses to protect their environments from this sort of exploitation.

Exploiting Software is for software developers what Hacking Exposed is for network administrators. Greg Hoglund and Gary McGraw have written a book which explains in detail how a cracker might go about finding holes or breaking into software. They cover the tools and techniques commonly used and describe ways that a software developer can write better code to prevent these sorts of attacks.

I am not a software developer, just a dabbler in programming, but I still found the book engaging and educational. Should I ever delve deeper into software programming, it is books like this one which will give me the knowledge to write code that is more secure from the get-go.

Software developers should be required to read this book to fully understand their "enemy" and how to program to prevent their product from being exploited.


©2012 About.com. All rights reserved.

A part of The New York Times Company.