Re: [SC-L] Insider threats and software

2007-08-28 Thread Crispin Cowan
Paco Hope wrote: On 8/16/07 7:44 PM, silky [EMAIL PROTECTED] wrote: how is this different than sending malformed packets to an rpc interface? ... Now I'll gently disagree with Gary, who is my boss, so you know I'll hear about it in the hallways... I think this feels more like privilege

Re: [SC-L] Insider threats and software {darkreading thread}

2007-08-17 Thread Gary McGraw
(was RE: [SC-L] Insider threats and software) Hi Gary, Our Exchange server was down for a while so rather than posting a reply to your post on SC-L, I simply created a reply thread on your Dark Reading column. Given that, I'm not sure that it's worth posting to SC-L too. Give it a read and see

Re: [SC-L] Insider threats and software

2007-08-16 Thread Pierre Parrend
Hello all, I do not agree with Mike's point of view. Of course the unique way to cheat a system is to understand how it is working, and to abuse it. But the main difference is that you can hardly talk about protocol in the case of applications: if you have a given protocol, you 'just' need to

Re: [SC-L] Insider threats and software

2007-08-16 Thread Michael S Hines
Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pierre Parrend Sent: Thursday, August 16, 2007 4:20 AM To: silky Cc: SC-L@securecoding.org Subject: Re: [SC-L] Insider threats and software Hello all, I do not agree with Mike's point of view. Of course the unique way to cheat

Re: [SC-L] Insider threats and software {EOG}

2007-08-16 Thread Gary McGraw
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pierre Parrend Sent: Thursday, August 16, 2007 4:20 AM To: silky Cc: SC-L@securecoding.org Subject: Re: [SC-L] Insider threats and software Hello all, I do not agree with Mike's point of view. Of course the unique

Re: [SC-L] Insider threats and software

2007-08-16 Thread silky
i really don't see how this is at all an 'insider' attack; given that it is the common attack vector for almost every single remote exploit strategy; look into the inner protocol of the specific app and form your own messages to exploit it. On 8/15/07

Re: [SC-L] Insider threats and software

2007-08-15 Thread silky
i really don't see how this is at all an 'insider' attack; given that it is the common attack vector for almost every single remote exploit strategy; look into the inner protocol of the specific app and form your own messages to exploit it. On 8/15/07, Gary McGraw [EMAIL PROTECTED] wrote: Hi

Re: [SC-L] Insider threats and software

2007-08-15 Thread Florian Weimer
* Gary McGraw: My darkreading column this month is devoted to insiders, but with a twist. In this article, I argue that software components which run on untrusted clients (AJAX anyone? WoW clients?) are an interesting new flavor of insider attack. I really wish this were something new. 8-(

[SC-L] Insider threats and software

2007-08-14 Thread Gary McGraw
Hi sc-l, My darkreading column this month is devoted to insiders, but with a twist. In this article, I argue that software components which run on untrusted clients (AJAX anyone? WoW clients?) are an interesting new flavor of insider attack. Check it out: