From: David Hawley (chiman@hawaiian.net)
Date: Wed Apr 10 2002 - 01:46:50 EDT
Well Kai, they do all of the above.
Some companies hire an independant Audit team to audit software. Some read
bugtraq, incidents, and others wait until they get hacked. :-)
David Hawley
-----Original Message-----
From: kaipower [mailto:kaipower@subdimension.com]
Sent: Thursday, April 04, 2002 5:05 PM
To: security-basics@securityfocus.com; vuln-dev@security-focus.com;
vuln-dev@securityfocus.com
Subject: Techniques for Vulneability discovery
Hi,
After reading the mailing list for quite a while, there is a burning
question which I kept asking myself:
How do experts discover vulnerabilities in a system/software?
Some categories of vulnerabilities that I am aware of:
1) Buffer overflow (Stack or Heap)
2) Mal access control and Trust management
3) Cross site scripting
4) Unexpected input - e.g. SQL injection?
5) Race conditions
6) password authentication
Do people just run scripts to brute force to find vulnerabilities? (as in
the case of Buffer overflows)
Or do they do a reverse engineer of the software?
How relevant is reverse engineering in this context?
Anybody out there care to give a methodology/strategy in finding
vulnerabilities?
Mike
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:03 EDT