[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Internet holes

To: [email protected] (Adam Shostack)
Subject: Internet holes
From: [email protected] (Dr. Frederick B. Cohen)
Date: Thu, 12 Oct 1995 09:21:39 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Adam Shostack" at Oct 12, 95 07:57:23 am
Sender: [email protected]

> | There are alse several papers there on "Internet Holes" under Network
> | Security in the same on-line journal.  Every month, another 5-10 holes
> | are added to those published in this forum.
> 
> 	And how many of those holes are published by bugtraq/CERT/8lgm
> first? Just curious to see if this is another list I should be on...

I am writing a series of atricles - one per month - for Network Security
Magazine, and am putting lat month's article up as they publish the next
one.  Probably 20% have appeared on bugtraq, etc.

All I am doing is going through the TCP/IP protocols (and other such
stuf) one at a time, writing a short piece on each, describing the most
obvious holes, giving some ideas of how they have been/can be exploited,
and describing in general terms what we might do to fix them.  Next
issue covers NNTP - then comes a 2-month (I think) issue on TCP as a
protocol (lots of holes there) - then whatever strikes my fancy next.  I
figure it will take a few years at this rate to get through the most
important protocols and services.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

References:
- Re: NYT on Internet Flaws
  - From: Adam Shostack <[email protected]>

Prev by Date: Follow-up to sci.crypt posting that prompted NYT article
Next by Date: Re: [NOISE] was Re: java security concerns
Prev by thread: Re: NYT on Internet Flaws
Next by thread: Re: NYT on Internet Flaws
Index(es):
- Date
- Thread