Security Basics mailing list archives
RE: Testing for buffer overflows
From: "Brad Bemis" <Brad.Bemis () airborne com>
Date: Wed, 23 Jul 2003 09:10:32 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Not that this offers a direct answer to your question, but it seemed timely. I am a security professional, not a programmer, but I am currently reading "Writing Secure Code, 2nd Edition" by Michael Howard and David LeBlanc. Though only part way through, at this point I highly recommend it. While you are going through this application security testing process, it might be a good idea to pick up a copy and learn a bit more about the topic. I have found it to be quite enlightening. Just a suggestion to broaden your horizons for next time ;-) Thank you for your time and attention, ======================== Brad Bemis Information Security Services Airborne Express (206) 830-3478 ======================== Email Notice: This communication may contain sensitive information. If you are not the intended recipient, or believe that you have received this communication in error; do not print, copy, retransmit, disseminate, or otherwise use the information contained herein for any purpose. Please alert the sender that you have received this message in error, and delete the copy that you received.
-----Original Message----- From: David stout [mailto:d.stout () solvesolutions co uk] Sent: Wednesday, July 23, 2003 5:48 AM To: security-basics () securityfocus com Subject: Testing for buffer overflows Hello all, I would like some advice on how to go about having an application tested for buffer overflows. Are there any tools available ? Are there people who can do the testing on my behalf ? Do you need more information first ? I look forward to your replies. David Stout CCSP, CCNA, CRCP, INFOSEC -------------------------------------------------------------- ------------- -------------------------------------------------------------- --------------
-----BEGIN PGP SIGNATURE----- iQA/AwUBPx6zeJDnOfS48mrdEQKmxwCgjn+6irkEGZLSXZP1pBB+jFUv440AniIO CxoJ4KV6ip1ICf9MDBI1hl8m =Ceek -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Testing for buffer overflows Brad Bemis (Jul 23)
- <Possible follow-ups>
- Re: Testing for buffer overflows DownBload (Jul 23)
- Re: Testing for buffer overflows olafandjasper (Jul 24)