1. Simple Source Auditing Tools Roy INSA

2. Outline FLAWFINDER RATS

3. Environment Operating System Linux Requite Computers One Computer

4. Environment CERT ® Advisory CA-2000-13 Two Input Validation Problems In FTPD Systems Affected:Any system running wu-ftpd 2.6.0 or earlier “ ftp daemon may be tricked into executing arbitrary code as root “ http://wu-ftpd.theomnistore.com/wu-ftpd-attic/wu-ftpd- 2.6.0.tar.gz

5. Flawfinder Check C and C++ programming vulnerability http://www.dwheeler.com/flawfinder/ 1 2 3 4 5 LowHigh

6. RATS C,C++ Perl PHP Python http://www.securesw.com/rats/rats-2.1.tar.gz XML parser library http://expat.sourceforge.net/ Install expat Compiler rats

7. Summery Programmer Timing Lazy Convenient