|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Penetration testing via shrinkware
tqbf (ashland
pobox.com)
Mon, 21 Sep 1998 18:30:02 -0400 (EDT)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: tqbf: "Re: Penetration testing via shrinkware"
- Previous message: Chris Shenton: "Re: NetMeeting security solution?"
- In reply to: C Matthew Curtin: "Re: NetMeeting security solution?"
- Next in thread: Ted Doty: "Re: Penetration testing via shrinkware"
> If you go over the code in the IP stack for fragment handling, and you
> know for certain how fragments should be handled, then you can probably
> get a high assurance that they're handled correctly. If you throw lots
> of fragments for lots of protocols at it, and your test doesn't encompass
> overlapping fragments, your level of assurance is lower.
Unless you are formally verifying the code, you can't really perform one
type of testing (code review) without the other (black-box testing). Code
designed to handle overlapping fragments has been shown to be broken in
non-obvious ways before, and this occurred because someone took the time
to throw bizarrely overlapping fragments at the code.
This is an obvious point, I just wanted to make sure it was clear.
-----------------------------------------------------------------------------
Thomas H. Ptacek Network Security Research Team, NAI
-----------------------------------------------------------------------------
"If you're so special, why aren't you dead?"
- Next message: tqbf: "Re: Penetration testing via shrinkware"
- Previous message: Chris Shenton: "Re: NetMeeting security solution?"
- In reply to: C Matthew Curtin: "Re: NetMeeting security solution?"
- Next in thread: Ted Doty: "Re: Penetration testing via shrinkware"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:47 CDT