[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Internet holes

> | There are alse several papers there on "Internet Holes" under Network
> | Security in the same on-line journal.  Every month, another 5-10 holes
> | are added to those published in this forum.
> 	And how many of those holes are published by bugtraq/CERT/8lgm
> first? Just curious to see if this is another list I should be on...

I am writing a series of atricles - one per month - for Network Security
Magazine, and am putting lat month's article up as they publish the next
one.  Probably 20% have appeared on bugtraq, etc.

All I am doing is going through the TCP/IP protocols (and other such
stuf) one at a time, writing a short piece on each, describing the most
obvious holes, giving some ideas of how they have been/can be exploited,
and describing in general terms what we might do to fix them.  Next
issue covers NNTP - then comes a 2-month (I think) issue on TCP as a
protocol (lots of holes there) - then whatever strikes my fancy next.  I
figure it will take a few years at this rate to get through the most
important protocols and services.

-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236