Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Tools page updated"] [Next entry: "Edward Stanglers next post in the not running catpatch.sql series"]

Buffer overflows and hacking book list

I have been looking at buffer overflow techniques for research for the SANS Securing Oracle track that I am writing. I wil talk about a couple of papers i found later as I want to finish reading them first but I also noticed a post to the vuln-dev mailing list hosted at Security Focus in the last couple of days.

An original poster asked for books or links related to secure programming that describe how buffer overflows, race conditions and others can cause security vulnerabilities in programs.

Dave McKinney of Security Focus has collated together a very good list of books and a few links about secure programming, hacking, exploitation etc. This is an excellent resource for those who want to know how programs get exploited. Buffer overflows seem to be very popular in alert 68 for instance. If you are interested in security then you should understand what are the techniques used by hackers and how they actually work.