Dailydave mailing list archives
parsers fall down go boom?
From: dave <dave () immunityinc com>
Date: Thu, 06 Aug 2009 15:36:40 -0400
Good read: http://www.cert.fi/en/reports/2009/vulnerability2009085.html

So fuzzing can find lots of cool bugs, and one of the things you eventually learn is that you don't want to attach a giant parser where you don't absolutely have to. This is the sort of global statement that leads you to believe that entire technology segments are a bit wonky (aka, NIDS, NIPS, AV, WAF ("Web Application Firewall"), etc.).

Of course, "don't do it unless you absolutely have to" sometimes means you still do it. This morning when I got in, I read an email announcement from D2 about a new exploit they've released that targets a popular WAF. Lemme tell you, there's nowhere a hacker would rather be than on your WAF. If for no other reason than the irony, because hackers have good senses of humour.

D2's CANVAS pack is like, less than 2K USD. Honestly, you'd have to be crazy not to buy it just to find out which WAF I'm talking about in this email. :>

-dave
Current thread:
- parsers fall down go boom? dave (Aug 06)
- Re: parsers fall down go boom? Tracy Reed (Aug 06)
- Re: parsers fall down go boom? Robert Graham (Aug 13)
- Re: parsers fall down go boom? Tracy Reed (Aug 06)