News on Monday
more>>
SharePoint Tech Report
more>>

Download Current Issue
ISSUE 7/1/2009 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?

A knockout blow for Borland?
MicroFocus has upped its offer for Borland Software to $1.50, hoping to chase off a mystery suitor also pursuing the ALM vendor.
07/06/2009 12:26 PM EST

Is the mystery Borland suitor Serena?
Borland software is considering an offer from another company after a preliminary deal with MicroFocus. Is Serena the new company?
06/30/2009 01:55 PM EST

Windows 7 - An eBayer's dream product?
Windows 7 pre-orders can make people money on eBay.
06/29/2009 03:48 PM EST

Microsoft Worldwide Partner Conf.
7/13/2009 to 7/16/2009
New Orleans
Microsoft

OSCON (Open Source Convention)
7/20/2009 to 7/24/2009
San Jose
O'Reilly Media

XBRL Technology Workshop & Summit
7/28/2009 to 7/30/2009
Santa Clara
XBRL US

ACM SIGGRAPH
8/3/2009 to 8/7/2009
New Orleans
ACM SIGGRAPH

OpenSource World (formerly LinuxWorld)
8/12/2009 to 8/13/2009
San Francisco
IDG World Expo

HOME ALL STORIES LATEST NEWS COLUMNS OPINIONS EDITORIALS GUEST VIEWS SHORT TAKES DATA WATCH SPECIAL REPORTS ZEICHICK'S TAKE SD TIMES 100 EDITORS' BLOG

RSS FEEDS

FACEBOOK

TWITTER

WHITE PAPERS JOB BOARD WEBINAR CENTER FREE SOFTWARE BZ RESEARCH ALMSHAREPOINT EVENTS CALENDAR PRINT/PDF EDITION PRINT/PDF BACK ISSUES

SUBSCRIBE TODAY CUSTOMER SERVICE EDITORIAL CALENDAR EDITORIAL BEATS GUEST VIEW GUIDE SD TIMES 100 GUIDE JOB BOARD EVENTS CALENDAR ADVERTISING REPORT A BUG SITE MAP

ABOUT US BZ MEDIA NEWS BZ RESEARCH SYSMANNEWS SPTECHCON PRIVACY POLICY CONTACT US

Printable version

HOME >> LATEST NEWS

Most Read Latest News Blog Resources

Kapow automates website data retrieval
Kapow Technology's Web Data Server 7.0 can be used to create modules that navigate through...

Telerik looks to boost 3D for Silverlight
In a new release of its RadControls component suite, the company introduced a 3D charting ...

Oracle's Fusion 11g lays groundwork for ERP platform
Fusion's components are standards-based and integrated, but some abilities are lost if non...

Telerik looks to boost 3D for Silverlight
In a new release of its RadControls component suite, the company introduced a 3D charting ...

Oracle's Fusion 11g lays groundwork for ERP platform
Fusion's components are standards-based and integrated, but some abilities are lost if non...

IBM emphasizes speed with new Milepost GCC compiler
The company has created an intelligent compiler that is designed to automatically optimize...

A knockout blow for Borland?
MicroFocus has upped its offer for Borland Software to $1.50, hoping to chase off a mystery suitor also pursuing the ALM vendor.

Is the mystery Borland suitor Serena?
Borland software is considering an offer from another company after a preliminary deal with MicroFocus. Is Serena the new company?

Windows 7 - An eBayer's dream product?
Windows 7 pre-orders can make people money on eBay.

“Smart” Software Compiles for Fast Continuous Integration So you’ve decided to pursue a more agile approach to software development and are now face...

Enterprise Continuous Integration Maturity Model Five levels, from Introductory to Novice, Intermediate, Advanced and Insane – it sounds li...

Lower Development Costs Without Staff Reductions or Outsourcing This white paper describes typical reactions to falling budgets and common problems they c...

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

Veracode Tightens Guard at Backdoor

Software-as-a-service tool handles new forms of intrusions

By Jeff Feinman

January 15, 2008 —

Veracode has updated its SecurityReview software security testing service to offer new back-door detection capabilities.

Veracode executives say it can take several weeks to discover a back door inserted into software, leaving the application vulnerable to intruders. The new version of SecurityReview, released in mid-December, provides better detection of back-door intrusions and malicious code, according to Veracode. SecurityReview is a software-as-a-service security offering that Veracode officials claim is the industry’s first on-demand security services on the market.

Some of the back-door techniques that the updated Veracode service can help guard against include special credential back doors, which occur when an attacker inserts logic and special credentials into the program code, and hidden functionality back doors, which allow attackers to issue commands without proper authentication, Veracode officials said.

“The special credential back door is definitely the most commonly found, and it could be because it’s fairly simple,” said Chris Wysopal, CTO of Veracode. “At some point, it goes through the normal authorization functionality of the program, so you can trace back from there to find static values in the program.

“The hidden functionality is a little bit more difficult to find. We look for signs that someone is trying to obfuscate the changes they made to the code. This is a common technique people use. Instead of putting the password in an embedded string, they might make it look like it’s random data, and when data is obfuscated within the binary, that sort of raises the flag in our analysis that there could be something there.”

Wysopal said that one common hidden functionality technique that Veracode frequently finds in customer code is when debugged code is left enabled in the binary; whether intentional or otherwise, it's still a large vulnerability, he said.

The updated Veracode service also defends against rootkits, which can signal that a back door may be present. Rootkits can subvert functions of the operating system and are used to hide back doors. Additionally, Veracode can now scan for unintended network activity such as listening on undocumented ports, making outbound connections to establish a command and control channel, or leaking sensitive information over the network via SMTP, HTTP or other protocols.

Wysopal said that code audits are a good way to find back doors, but that automated activities can also be a great help in uncovering them. Simply prepping the source base for back-door vulnerabilities can serve as a useful test before building an application, he added.

Share this link: http://www.sdtimes.com/link/31663

Apache Qpid M3 improves Java broker, tightens code The messaging protocol contains an implementation of the AMQP standard that is compatible with C++, Java, .NET, Python and Ruby. The improved Java message broker is written in both C++ and Java, avoiding difficulties associated with JMS.

Microsoft Begins Changing of the Guard Three prominent Microsoft executives announced this week that they would be leaving the company, the most notable among them being...

Mono Team Tightens Ties To Microsoft Mono, the open source .NET runtime project run by Novell, has gone back to basics. In February, the Mono team...

Add comment

Name*
Email*
Country

Comment
Preview

HOME SITE MAP CURRENT ISSUE BACK ISSUES SUBSCRIBER SERVICES ABOUT US CONTACT US BZ MEDIA

Veracode Tightens Guard at Backdoor

Software-as-a-service tool handles new forms of intrusions

By Jeff Feinman

Related Articles

Add comment