Vulnerability Development: Re: Classes?

Re: Classes?

From: Max Vision <vision_at_WHITEHATS.COM>
Date: Sun, 24 Oct 1999 10:48:39 -0700

> So I wandered down to Powell's to check out this amazing new book. 3
> out of 800 pages on buffer overflows. Perhaps I'm biassed (because he
> doesn't cite StackGuard at all :-) but doesn't the buffer overflow
> problem deserve just a bit more attention than that?
>
> Sorry, I just had to rant at someone. A huge portion of everything I
> see on the net about security pertains to buffer overflows, and it's
> puzzling that this huge book gives the subject so little attention.
>
> Crispin

Hi,

This reminds me of a mini-review I sent off to some friends awhile back.
I thought the book was excellent for anyone new to security, but was
missing a lot of technique. For what it's worth, HackingExposed is an
order of magnitude more useful than MaximumSecurity(jokebook).
mini-review follows...

---
Ok.  So I bought the book.  I bought Hacking Exposed.

It's what I expected.  They make a good run at describing penetration
testing. Obviously any single work is going to miss a lot of things and
only be able to cover a certain small percentage, but this is pretty damn
good.

So maybe it's not a Big Secret that Visual Route and IP Network Browser
exist.  But I actually gasped when I saw the all-too-familiar screenshots
of them on page 27 and 69.  And nothing else in the book is really secret
either, IMHO, but this would make killer reading material for anyone
looking to get into security that doesn't already Know.

I think the best aspect of this book is that the authors talk about Doing
Things Right.  They talk about all the right tools and most of the right
techniques.  The section on Novell was excellent.  I personally detest
Novell, but they did such a good job of making auditing it look easy that
I might have a pass at it using something other than Pandora/Kane soon.

I think the worst aspect of this book is that it missed the boat on packet
forging/spoofing, dns attacks, routing attacks, and bouncing/redirection
attacks.  I found a total of 2 pages that cover routing/dns type attacks
and they are vague, fluffy and in one case misleading.

Another criticism is that they don't cover the technical underlying
security issues.  This is a how-to type manual, showing command line
switches and some screen shots, but you won't find packet-traces or deep
explanations of any given attack...

In some parts it's amazing.  As though someone rooted me a year ago,
watched me work for a while, taking notes, and then wrote about it.  In
others it's pretty light-weight and misses the point.

I understand completely why route/aleph/sn backed the book from the start.

Hm. </review>
Max
---

ob vuldev: I'm not sure if I saw a public response to the wwwboard
question, but - in fact the password hash in passwd.txt is a standard unix
crypt and can be attacked with john/crack/etc.

Incidentally, I feel the same about H.E.'s treatment of buffer overflows,
but I don't want to give the wrong impression - the book is great :)
Max
Received on Oct 24 1999