Archive for the ‘Notes on Software Requirements and Specifications’ Category

Reading Notebook: 16-September-09

Wednesday, September 16th, 2009

Comments in italics are mine and express my own views, thoughts and opinions

Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:

InitOnceExecuteOnce API, synchronous (p. 197) - new in Vista and W2K8, http://msdn.microsoft.com/en-us/library/ms683493(VS.85).aspx

InitOnceBeginInitialize / InitOnceComplete API, asynchronous (p. 197) - code examples for one-time initialization: http://msdn.microsoft.com/en-us/library/ms686934(VS.85).aspx

Dynamic worker threads (pp. 199 - 200)

ALPC (pp. 202 - 206) - ALPC is used extensively in terminal services environments. Here is the sample output from WinDbg to mine for ALPC wait chains in frozen systems and blocked services: 

1: kd> !process 0 ff

[...]

THREAD fffffa8006ef7060  Cid 0350.279c  Teb: 000007fffffa4000 Win32Thread: fffff900c22904f0 WAIT: (WrLpcReply) UserMode Non-Alertable
    fffffa8006ef73f0  Semaphore Limit 0x1
Waiting for reply to ALPC Message fffff880104eecf0 : queued at port fffffa80060d4c80 : owned by process fffffa8004c39040
IRP List:
    fffffa8006d21c60: (0006,03a0) Flags: 00060030  Mdl: 00000000
    fffffa8005f876c0: (0006,03a0) Flags: 00060030  Mdl: 00000000
Not impersonating
DeviceMap                 fffff88000007450
Owning Process            fffffa80057844d0       Image:         svchost.exe
Attached Process          N/A            Image:         N/A
Wait Start TickCount      10908131       Ticks: 18864 (0:00:04:54.750)
Context Switch Count      12660                 LargeStack
UserTime                  00:00:00.671
KernelTime                00:00:00.578
Win32 Start Address 0×000007fefe51fdec
Stack Init fffffa6006249db0 Current fffffa6006249670
Base fffffa600624a000 Limit fffffa6006243000 Call 0
Priority 13 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
Child-SP          RetAddr           Call Site
fffffa60`062496b0 fffff800`016a36fa nt!KiSwapContext+0×7f
fffffa60`062497f0 fffff800`0169835b nt!KiSwapThread+0×13a
fffffa60`06249860 fffff800`016cd4e2 nt!KeWaitForSingleObject+0×2cb
fffffa60`062498f0 fffff800`01916d14 nt!AlpcpSignalAndWait+0×92
fffffa60`06249980 fffff800`019137a6 nt!AlpcpReceiveSynchronousReply+0×44
fffffa60`062499e0 fffff800`0190330f nt!AlpcpProcessSynchronousRequest+0×24f
fffffa60`06249b00 fffff800`016a0ef3 nt!NtAlpcSendWaitReceivePort+0×19f
fffffa60`06249bb0 00000000`774d756a nt!KiSystemServiceCopyEnd+0×13 (TrapFrame @ fffffa60`06249c20)
00000000`029decd8 00000000`00000000 0×774d756a

1: kd> !alpc /m fffff880104eecf0

Message @ fffff880104eecf0
  MessageID             : 0x053C (1340)
  CallbackID            : 0xC26264 (12739172)
  SequenceNumber        : 0x0000031F (799)
  Type                  : LPC_REQUEST
  DataLength            : 0x0048 (72)
  TotalLength           : 0x0070 (112)
  Canceled              : No
  Release               : No
  ReplyWaitReply        : No
  Continuation          : Yes
  OwnerPort             : fffffa800a7804d0 [ALPC_CLIENT_COMMUNICATION_PORT]
  WaitingThread         : fffffa8006ef7060
  QueueType             : ALPC_MSGQUEUE_PENDING
  QueuePort             : fffffa80060d4c80 [ALPC_CONNECTION_PORT]
  QueuePortOwnerProcess : fffffa8004c39040 (svchost.exe)
  ServerThread          : fffffa800aa8c700
  QuotaCharged          : No
  CancelQueuePort       : 0000000000000000
  CancelSequencePort    : 0000000000000000
  CancelSequenceNumber  : 0×00000000 (0)
  ClientContext         : 0000000004e87390
  ServerContext         : 0000000000000000
  PortContext           : 0000000005615340
  CancelPortContext     : 0000000000000000
  SecurityData          : 0000000000000000
  View                  : 0000000000000000

1: kd> !alpc /p fffffa80060d4c80
Port @ fffffa80060d4c80
  Type                      : ALPC_CONNECTION_PORT
  CommunicationInfo         : fffff88007f66ba0
    ConnectionPort          : fffffa80060d4c80
    ClientCommunicationPort : 0000000000000000
    ServerCommunicationPort : 0000000000000000
  OwnerProcess              : fffffa8004c39040 (svchost.exe)
  SequenceNo                : 0x00000000 (0)
  CompletionPort            : fffffa80057d8040
  CompletionList            : 0000000000000000
  MessageZone               : 0000000000000000
  ConnectionPending         : No
  ConnectionRefused         : No
  Disconnected              : No
  Closed                    : No
  FlushOnClose              : Yes
  ReturnExtendedInfo        : No
  Waitable                  : No
  Security                  : Static
  Wow64CompletionList       : No

  Main queue is empty.

  Large message queue is empty.

  Pending queue has 192 message(s)

    fffff88012c7e030 0000201c 0000000000013f88:00000000000154fc 0000000000000000 fffffa8008573a30 LPC_CANCELED
    fffff88009a98cf0 0000221c 0000000000000b04:00000000000109b4 fffffa800b533bb0 fffffa8008ee7bb0 LPC_REQUEST
    fffff880129b9cf0 00001ffc 00000000000067d8:000000000000a85c fffffa800a032060 fffffa800a408060 LPC_REQUEST
    fffff8800ed62cf0 00001ea4 0000000000012c1c:0000000000013238 fffffa800afbcbb0 fffffa800bbf1060 LPC_REQUEST
    fffff88011fa7cf0 000014ec 0000000000000b04:0000000000013a38 fffffa80072c6bb0 fffffa800b4d2700 LPC_REQUEST
    fffff8801001e980 0000159c 000000000000b25c:0000000000003004 fffffa8006ebcbb0 fffffa8009c25060 LPC_REQUEST
    fffff88009a56cf0 00001f94 0000000000012940:0000000000015478 fffffa800a75d700 fffffa800b4b8060 LPC_REQUEST
[...]
    fffff880129aa640 000018f0 000000000000d31c:00000000000147c0 fffffa800ab9bbb0 fffffa8006ffb560 LPC_REQUEST
    fffff88008b29ac0 0000152c 000000000000fa5c:000000000000faa4 0000000000000000 fffffa800abadbb0 LPC_CANCELED
    fffff88009eaa460 000005dc 000000000000e13c:000000000000e3d4 fffffa800921b630 fffffa800a191060 LPC_REQUEST

  Canceled queue is empty.

The .NET Developer’s Guide to Windows Security by M. Brown:

Developing code in non-privileged way: two logons (p. 35)

whoami command (p. 37) - whoami /all

netsh command (p. 37)

runas /netonly (p. 39)

Nested runas commands (p. 40)

Debugger Users group (p. 41) 

Run - install assumption (p. 46) - Got an idea for a bugtation: “You must assume that your program will be” coded “by one person and” debugged “by another!”

Least privilige for installer design (p. 46)

Software Requirements & Specifications by M. Jackson:

Indicative mood of formalizations (p. 9)

Application domain vs. generic domain and app. domain vs. environment (p. 9)

Structured Analysis of DeMArco / Gane / Sarson - the danger of thinking in terms of a machine when looking at the existing system (p. 10)

Costruction of difficulty from simplicity in software development, shorter vs. longer problem description spans (pp. 12 - 14) - lesson: create one structural UML diagram that covers all possible problem spans

Different views on the origin of software development disasters (pp. 14 - 15) - the view from memory dump analysis engineer: study crash dump analysis patterns (by applying bijectionism) and learn from them. Software artifacts are memory dumps. Software development is memory change.

Software technology as technology of description (p. 17) 

- Dmitry Vostokov @ SoftwareGeneralist.com -

Posted in Notes on Guide to Windows Security, Notes on Software Requirements and Specifications, Notes on Windows Internals, Reading Notebook | No Comments »

Reading Notebook: 08-September-09

Tuesday, September 8th, 2009

Comments in italics are mine and express my own views, thoughts and opinions

The .NET Developer’s Guide to Windows Security by M. Brown:

The principle of least privilege as software construction mindset (pp. 17 - 18)

Close a resource as you finish to avoid security intra-context leaks (p. 18)

Always think about failure (p. 23)

Multifactor authentication (p. 25) - Useful mnemonic HKM (Have, Know, Made of) 

Default modes in Kerberos and SSL: client to prove identity and server to prove identity (p. 26)

Did you complete identity proof by checking GUI details? (p. 26)

The luring attack (p. 27)

“Security Is a Process, Not a Product” by B. Schneier (p. 32) - Thinking analogically, regarding supportability, software engineers need to write maintainable code with a support engineer in mind.

Software Requirements & Specifications by M. Jackson:

Need to read this book to refresh my past software design and architecture knowledge

Software development as logic and math, as socio-ethical challenge, as labour employment relations, as problem in manufacturing control, as engineering (p. 1) - I see it as memory changes 

Distinction between machine and app domain: how and what (p. 1) - Modeling?

Requirements are in app domain (p. 2)

The importance of explicit and precise domain descriptions (p. 2)

Modeling is always incomplete, coincidental similarity of many OO descriptions to the real world (p. 3)

Specification as interface description between machine and app domain (p. 3)

Scope vs. Span: classes vs. areas (pp. 3 - 4)

Partial descriptions as separating concerns (p. 4)

Moods in description: optative (what we want) and indicative (is) (p. 4)

The importance of problem frames and multi-frame problems (pp. 4 - 5)

- Dmitry Vostokov @ SoftwareGeneralist.com -

Posted in Notes on Guide to Windows Security, Notes on Software Requirements and Specifications, Reading Notebook | No Comments »