Dailydave mailing list archives

Re: Faster, smashter.

From: Halvar Flake <halvar () gmx de>
Date: Tue, 09 Dec 2008 11:10:20 +0100

Hey all,

It seems that discussions in ITsec are periodic -- the same discussions and
same arguments come up again and again.

1. Of course attackers use new vulnerabilities. It is the nature of offense.
Defense is done "to the maximum of current knowledge". Offense, by it's
nature, has to expand on the status quo.

2. How do you simulate an attack with a new vulnerability if you don't
have one ?

Well, military folks do wargames all the time without actually using up
the arsenal
they have on the shelves. Network attacks should probably be done in a
similar
manner -- have an umpire, and give the attacking team a few "0day
cards". With these
cards they get high-probability code execution for a piece of software
of their choice.

The pentest then proceeds like a game, but can be conducted on the real
network, too.

But I am repeating myself ...

Cheers,
Halvar
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Faster, smashter. Dave Aitel (Dec 08)
- Re: Faster, smashter. Fisher, Dennis (Dec 08)
  - Re: Faster, smashter. Dragos Ruiu (Dec 08)
    - Re: Faster, smashter. Halvar Flake (Dec 09)
    - Re: Faster, smashter. Dave Aitel (Dec 09)
    - Re: Faster, smashter. Rafal @ IsHackingYou.com (Dec 09)
    - Re: Faster, smashter. dan (Dec 09)
    - Re: Faster, smashter. Marc Maiffret (Dec 10)
    - Re: Faster, smashter. Halvar Flake (Dec 09)
    - Re: Faster, smashter. security curmudgeon (Dec 09)
    - Re: Faster, smashter. Jon Passki (Dec 09)
- Re: Faster, smashter. rauc (Dec 08)