Re: [SC-L] Web Services vs. Minimizing Attack Surface

2006-08-15 Thread Nash
universe. -nash On Tue, Aug 15, 2006 at 10:03:07AM +0200, John Wilander wrote: Hi! The security principle of minimizing your attack surface (Writing Secure Code, 2nd Ed.) is all about minimizing open sockets, rpc endpoints, named pipes etc. that facilitate network communication between

Re: [SC-L] Resource limitation

2006-07-17 Thread Nash
, but are still largely theoretical. http://en.wikipedia.org/wiki/Capability-based_security That said, every decent Unix system I'm aware of has ulimit, which you can use to restrict virtual memory allocations, total open files, etc: nash @ quack% ulimit -a ... virtual memory

Re: [SC-L] ddj: beyond the badnessometer

2006-07-13 Thread Nash
and functional requirements is the single best way to prevent intrusions, bar none. nash e. foster Stratum Security, LLC -- the lyf so short, the craft so long to lerne. - Geoffrey Chaucer

Re: [SC-L] Theoretical question about vulnerabilities

2005-04-11 Thread Nash
/ http://www.google.com/search?q=international+SPIN+workshop&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official ciao, -nash Notes: ** This definition of exploit is chosen more or less arbitrarily. It seems reasonable to me. It might not be. I would conjecture that any

Re: [SC-L] Top security papers

2004-08-10 Thread Nash
On Sat, Aug 07, 2004 at 06:41:49PM -0700, Matt Setzer wrote: Specifically, what are the top five or ten security papers that you'd recommend to anyone wanting to learn more about security? What are the papers that you keep printed copies of and reread every few years just to get a new