Firewall Wizards mailing list archives

Re: Penetration testing via shrinkware


From: "tqbf" <ashland () pobox com>
Date: Mon, 21 Sep 1998 18:30:02 -0400 (EDT)

If you go over the code in the IP stack for fragment handling, and you 
know for certain how fragments should be handled, then you can probably 
get a high assurance that they're handled correctly.  If you throw lots 
of fragments for lots of protocols at it, and your test doesn't encompass 
overlapping fragments, your level of assurance is lower.  

Unless you are formally verifying the code, you can't really perform one
type of testing (code review) without the other (black-box testing). Code
designed to handle overlapping fragments has been shown to be broken in
non-obvious ways before, and this occurred because someone took the time
to throw bizarrely overlapping fragments at the code.

This is an obvious point; I just wanted to make sure it was clear.

-----------------------------------------------------------------------------
Thomas H. Ptacek                          Network Security Research Team, NAI
-----------------------------------------------------------------------------
                                 "If you're so special, why aren't you dead?"
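As an added illustration of the black-box side of the argument above (not part of the original post, and not anyone's production stack code): a minimal fragment reassembler that states its overlap policy explicitly, plus an oracle that throws overlapping, nested, out-of-order and conflicting fragments at it and checks every reassembled byte against that policy. The `Fragment` type, the policy names `first`/`last`, and all fragment cases are constructed for this example.

```python
from dataclasses import dataclass
@dataclass
class Fragment:
    offset: int   # byte offset of this payload within the datagram
    data: bytes
    more: bool    # "more fragments" flag; False marks the final fragment

def reassemble(frags, policy="first"):
    """Overlap policy 'first' keeps the earliest-received byte, 'last' lets later
    fragments overwrite. Returns None for a hole or disagreeing final fragments."""
    buf, total = {}, None
    for f in frags:
        for i, b in enumerate(f.data):
            if policy == "last" or (f.offset + i) not in buf:
                buf[f.offset + i] = b
        if not f.more:
            end = f.offset + len(f.data)
            if total is not None and total != end:
                return None
            total = end
    if total is None or any(p not in buf for p in range(total)):
        return None
    return bytes(buf[p] for p in range(total))

def policy_violations(frags, out, policy):
    """Black-box oracle: the fragments covering each byte, in arrival order,
    predict what the byte must be under the policy; returns offending offsets."""
    bad = []
    for pos, got in enumerate(out):
        covering = [f.data[pos - f.offset] for f in frags
                    if f.offset <= pos < f.offset + len(f.data)]
        if not covering or got != (covering[0] if policy == "first" else covering[-1]):
            bad.append(pos)
    return bad

# Constructed cases (assumed, not captured traffic); list order is arrival order.
CASES = {
    "tail_overlap": [Fragment(0, b"AAAA", True), Fragment(2, b"BBBB", False)],
    "nested":       [Fragment(0, b"AAAAAAAA", False), Fragment(2, b"BBB", True)],
    "out_of_order": [Fragment(4, b"CCCC", False), Fragment(0, b"AAAAAA", True)],
    "two_finals":   [Fragment(0, b"AAAA", False), Fragment(0, b"BBBBBB", False)],
}

def run_cases(policy):
    results = {}
    for name, frags in CASES.items():
        out = reassemble(frags, policy)
        # every completed datagram must agree with the stated policy byte for byte
        assert out is None or not policy_violations(frags, out, policy), name
        results[name] = out
    return results
```

The oracle is independent of the reassembler's data structure, so a reassembler that silently applied the wrong policy (or invented bytes no fragment carried) shows up as a non-empty list of offsets rather than passing a review that only read the code.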


