|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Gerrie (gerrie_at_hit2000.org)
Date: Tue Feb 04 2003 - 19:54:49 CST
> Defeating Exploits
> **************
> The ideas in this "paper" present a method for defeating exploits; not the
> actual vulnerability. Before getting to the details let's consider slammer
> (again).
I prefer to call your paper 'slowing down exploitation' rather hen
preventing.
There are allot of exploits in the past that found the right offset on their
own -some kind of brute force- to be able to execute their payload. (X2,
SSL2open etc...)
Besides this, it will only have effect on worms, which are not affecting
allot of organizations. (slammer and earlier worms didn't affect the whole
world, only public opinion and media and therefore was made bigger then real
issues that still are existing)
Cheers,
Gerrie
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]