funsec mailing list archives

Re: Israeli Software Company Faces U.S. Probe

From: James Kehl <shykta () dione ids pl>
Date: Mon, 6 Mar 2006 12:07:40 +0100 (CET)



On Sun, 5 Mar 2006, Aviram Jenik wrote:


When CheckPoint did a common criteria evaluation, one of the issues found was
several hardcoded IP addresses that showed up in the binary. Those were all


One question: given that an IPv4 address is a 32-bit value, and pretty
much any set of four bytes can make up a valid IP address, how could you
spot hardcoded IP addresses in a binary?

(What sort of lazy backdoor-writer uses inet_aton, instead of a plain
integer, or better still, code used as data??!)

James
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RE: Israeli Software Company Faces U.S. Probe, (continued)
- RE: Israeli Software Company Faces U.S. Probe Ryan Counts (Mar 02)
  - Re: Israeli Software Company Faces U.S. Probe Andre Ludwig (Mar 02)
    - Re: Israeli Software Company Faces U.S. Probe Dude VanWinkle (Mar 02)
    - Re: Israeli Software Company Faces U.S. Probe Andre Ludwig (Mar 02)
  - Re: Israeli Software Company Faces U.S. Probe S.f.Stover (Mar 03)
    - RE: Israeli Software Company Faces U.S. Probe Larry Seltzer (Mar 03)
- RE: Israeli Software Company Faces U.S. Probe Henderson, Dennis K. (Mar 02)
- Re: Israeli Software Company Faces U.S. Probe Fergie (Mar 02)
  - Re: Israeli Software Company Faces U.S. Probe Dude VanWinkle (Mar 02)
    - Re: Israeli Software Company Faces U.S. Probe Aviram Jenik (Mar 05)
    - Re: Israeli Software Company Faces U.S. Probe James Kehl (Mar 06)
- RE: Israeli Software Company Faces U.S. Probe Kyle Quest (Mar 06)