Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Classes?

Re: Classes?

From: George Kurtz <gk_at_SECURITYFOCUS.COM>
Date: Wed, 20 Oct 1999 16:28:53 -0000

Bacano wrote:

We gave StackGuard a nice plug in Hacking Exposed(pg 215) as
part of our buffer overflow countermeasures section. : )

George

<FONT COLOR="#222255">> Other nice (also new) book its
Maximum Linux Security</FONT>
<FONT COLOR="#222255">> (<A TARGET=nonlocal
HREF="/external/http://www.samspublishing.com">http://www.sa
mspublishing.com</A> - isbn 0-672-31670-6 - CD with apps
included,</FONT>
<FONT COLOR="#222255">> and with it, if you dont have a
volume manager: mount -tiso9660 /dev/cdrom</FONT>
<FONT COLOR="#222255">> /mnt/cdrom ... then to install files
on HD type: sh /mnt/cdrom/setup )</FONT>

So I wandered down to Powell's to check out this amazing new
book. 3 out of
800 pages on buffer overflows. Perhaps I'm biassed (because
he doesn't cite
StackGuard at all :-) but doesn't the buffer overflow
problem deserve just a
bit more attention than that?

Sorry, I just had to rant at someone. A huge portion of
everything I see on
the net about security pertains to buffer overflows, and
it's puzzling that
this huge book gives the subject so little attention.

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc. <A
TARGET=nonlocal
HREF="/external/http://wirex.com">http://wirex.com</A>
Free Hardened Linux Distribution: <A
TARGET=nonlocal
HREF="/external/http://immunix.org">http://immunix.org</A>
Received on Oct 24 1999

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos