Full Disclosure mailing list archives
Re: Info about attack trees
From: Defence in Depth <defenceindepth () gmail com>
Date: Tue, 29 May 2012 13:40:38 +0930
I think this quote sums it up well: "Hacking is ... not a day job or a semi-ordered list of instructions found in a thick book." - Anthony Bunyan (Shellcoder's Handbook) Predetermining an attack path or even representing every possible way an entity can be attacks is just not possible. There are potentially an infinite number of permutations one could take to compromise a system. Formalising such a thing would not accurately represent the real world; it would merely display a subset of possible attack vectors. This is a good example of where someone has made something from nothing (and would have been very difficult to have predicted/formalised): http://xs-sniper.com/blog/2010/12/17/will-it-blend/ Regards, Patrick Dunstan www.defenceindepth.net
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Info about attack trees, (continued)
- Re: Info about attack trees Urlan (May 25)
- Re: Info about attack trees Thor (Hammer of God) (May 25)
- Re: Info about attack trees Gage Bystrom (May 26)
- Re: Info about attack trees coderman (May 26)
- Re: Info about attack trees Georgi Guninski (May 28)
- Re: Info about attack trees coderman (May 28)
- Re: Info about attack trees coderman (May 26)
- Re: Info about attack trees Urlan (May 25)
- Re: Info about attack trees Daniel Hadfield (May 27)
- Re: Info about attack trees Peter Dawson (May 28)
- Re: Info about attack trees Gage Bystrom (May 28)
- Re: Info about attack trees Peter Dawson (May 28)
- Fw: Info about attack trees Jerry dePriest (May 28)
- Re: Info about attack trees Defence in Depth (May 29)