Re: Re: ProtoVer vs Lotus Domino Server 7.0

["Evgeny Legerov" <admin () gleg net>]

Hi,

> Gadi Evron <ge () linuxbox org> wrote:
> Evgeny Legerov wrote:
> > I think that IBM already did a good work - I just run 
> > all ~12000 PROTOS 
> > LDAP tests  (FYI: ProtoVer LDAP is able to generate 
> > ~200000 tests), 
> > anyway I found that all PROTOS tests passed (I tested 
> > Lotus Domino 7.0 
> > on Linux).
> >
> > Maybe I was doing something wrong with PROTOS tests so 
> > independant 
> > testing would help here.
>
> PROTOS is indeed amazing, and the people developing it 
> even more. They are fuzzing crazy! :)
> However, as far as I understand it PROTOS is not 
> strictly a fuzzer.

PROTOS is great but it would be very interesting to see 
how they are generating their test-cases.

BTW, there are commercial versions of PROTOS test suites - 
Codenomicon Test tools.
 

> If I got this right, in their development labs the guys 
> do a lot of fuzzing, find viable ways of attacking 
> applications implementing a certain protocol and add it 
> to their PROTOS engine much like anyone would a NESSUS 
> plugin.
>
> So, it is extremely useful, extremely fast, but if I 
> don't get it wrong it is not strictly a fuzzer but rather 
> the front-end to what a good fuzzer already found in 
> other implementations of the same type.
>
>         Gadi.

Best regards,
Evgeny Legerov
CEO, GLEG Ltd.