[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030204164833.74338123.dave@immunitysec.com>
From: dave at immunitysec.com (Dave Aitel)
Subject: The Advantages of Block-Based Protocol Analysis for Security Testing
Immunity, Inc. is proud to announce both a new paper on SPIKE and
related fuzzing technology, and the release of SPIKE 2.8. Both are
available from http://www.immunitysec.com/spike.html . SPIKE is a
full-featured network protocol analysis toolkit, written in C, and
released under the GNU Public License (GPL).
The most obvious change to SPIKE 2.8 is the inclusion of a DCE-RPC over
named pipe fuzzer.
The abstract of the paper is below. It should be noted that the paper
contains not only detailed information on how to detect the RPC Locator
vulnerability with SPIKE, but also several other vulnerabilities in
Windows 2000 that were discovered as part of this testing. (For a binary
of one of them, try http://www.immunitysec.com/downloads/plonk ).
The Advantages of Block-Based Protocol Analysis for Security Testing
Abstract. This paper describes an effective method for black-box testing
of unknown or arbitrarily complex network protocols for common problems
relating to the security of a program or system. By introducing a
block-based method for taking advantage of all known factors in a
network protocol, and delimiting the effect of all unknown factors, the
potential space of inputs to a program can be reduced intelligently by a
tester, compensating for incomplete knowledge of the target's
implementation or design.
Thank you,
Dave Aitel
Public and Media Relations
Immunity, Inc.
http://www.immunitysec.com/
917-545-4742
Powered by blists - more mailing lists