23C3 - 1.5

23rd Chaos Communication Congress
Who can you trust?

Speakers
Andreas Krennmair
Schedule
Day 2
Room Saal 3
Start time 14:00
Duration 01:00
Info
ID 1446
Event type Lecture
Track Hacking
Language English
Feedback

Secure Network Server Programming on Unix

Techniques and best practices to securely code your network server

This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors.

This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of ''state of the art'' programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the ''principle of least privileges'', preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.