Detecting source code modification attacks

Security Lessons: Modified Code Attacks

Article from Issue 131/2011

Learn how to protect yourself against malicious attacks by modified source code.

Normally, when I think about intrusion detection, my thoughts go straight to solutions for things like network- and host-based intrusion detection – in other words, the usual suspects (Snort, OSSEC, Prelude, event logging and analysis, etc.) [1] – but an often overlooked area of intrusion detection is source code modification attacks.

In the past few months, several high-profile source code modification attacks have taken place. Fortunately, two of the largest were quickly detected and dealt with, but only because pre-existing systems and processes were in place that could detect the attack and allow it to be handled.
