Home page logo
/

dailydave logo Dailydave mailing list archives

Re: Faster, smashter.
From: "Rafal @ IsHackingYou.com" <rafal () ishackingyou com>
Date: Tue, 9 Dec 2008 09:14:54 -0600

That's brilliant Dave - but where are you getting your numbers?  Are you 
using a public source, are you using top-secret ImmunityInc research or...? 
I'd love to get that source if you're willing to share.  It's all about real 
numbers!

__
Rafal M. Los
IT Security - Response | Mitigation | Strategy

E-mail:  rafal.atishackingyou.dotcom
 - Blog:         http://preachsecurity.blogspot.com

--------------------------------------------------
From: "Dave Aitel" <dave () immunityinc com>
Sent: Tuesday, December 09, 2008 8:45 AM
To: <dailydave () lists immunityinc com>
Subject: Re: [Dailydave] Faster, smashter.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One technique we're doing this week with a client is taking an attack
tree and marking it up with dollar values. I.E. if you wanted to buy
an 0day in X component, how much would it cost?

This then is a simple summation to produce a "how much is it to get
into the internal network from the internet" which the business can
use to help them decide yay/nay on the project as a whole depending on
their own view of the threat and the value of the information they are
protecting.

- -dave


Halvar Flake wrote:
Hey all,

It seems that discussions in ITsec are periodic -- the same
discussions and same arguments come up again and again.

1. Of course attackers use new vulnerabilities. It is the nature of
offense. Defense is done "to the maximum of current knowledge".
Offense, by it's nature, has to expand on the status quo.

2. How do you simulate an attack with a new vulnerability if you
don't have one ?

Well, military folks do wargames all the time without actually
using up the arsenal they have on the shelves. Network attacks
should probably be done in a similar manner -- have an umpire, and
give the attacking team a few "0day cards". With these cards they
get high-probability code execution for a piece of software of
their choice.

The pentest then proceeds like a game, but can be conducted on the
real network, too.

But I am repeating myself ...

Cheers, Halvar _______________________________________________
Dailydave mailing list Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJPoSCtehAhL0gheoRAqofAJ0Yvic/Ro6dRr+xWLavp+DizANyAACfWUXc
JRFeXEvy4EJeg5gkuXxC2ZU=
=6PWU
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]