Security Basics mailing list archives
Re: ressources / links on protocol flaws or exploits
From: Stefan Marx <marx.s () gmx net>
Date: 06 Sep 2003 00:01:13 +0200
Hi, I think it might be difficult to find such information for a protocol, you should search for flaws in specific implementations of the protocol. E.g. you will not find exploits for the general protocol RADIUS, but you may find exploits for the Microsoft or CISCO or whatever implementation of RADIUS. A good starting point is the vulnerability database at http://www.securityfocus.com/bid . If you want to gain knowledge about the generic protocols regardless of vendors implementations, you have to read the according RFCs. You can find them here: http://www.rfc-editor.org/ Regards, Stefan
I need your help on the following issue: i have to evaluate some protocols security-wise. The problem is i connot find the right links and ressources to do this. Of course i googled before i wrote this, but every exploit list i found was not searchable. I need ressources where i can search for protocol-related weaknesses and exploits, f.e. you type in 'RADIUS' and get some information on RADIUS exploits.
--------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- ressources / links on protocol flaws or exploits Simple Simon (Sep 05)
- Re: ressources / links on protocol flaws or exploits Stefan Marx (Sep 05)