RE: protocol analysis

["Craig H. Rowland" <crowland () cisco com>]

Comer and Lin's paper is a classic read on the subject:

http://www.bell-labs.com/user/johnlin/probing-TCP.pdf


-- Craig

> -----Original Message-----
> From: Cade Cairns [mailto:cairnsc () carbon net] 
> Sent: Thursday, June 26, 2003 3:53 PM
> To: pen-test () securityfocus com
> Subject: protocol analysis
>
>
> I'm currently researching black box network protocol analysis 
> methodologies, but worthwhile papers or other resources on 
> the subject 
> seem few and far between. I've reviewed Dave Aitel's "The 
> Advantages of 
> Block-Based Analysis for Security Testing" and a few other related 
> papers I found while searching the web, but my curiosity is not yet 
> satisfied. I was wondering if anyone on the list might be 
> able to point 
> me in the direction of information relating to techniques used for 
> protocol dissection and any techniques used in security-related tests.
>
> Thanks,
> Cade Cairns
>
> PGP: 0x132279EE
> EC4E 098A 62A1 2A80 15BD  D9CB ED53 4267 1322 79EE


---------------------------------------------------------------------------
Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you can get 
trustworthy commercial-grade exploits and the latest techniques from a 
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1 
or call 617-399-6980
----------------------------------------------------------------------------