Firewall Wizards mailing list archives
Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe)
From: ant () notatla demon co uk (Antonomasia)
Date: Wed, 15 Aug 2001 00:22:06 +0100 (BST)
From: Adam Shostack <adam () homeport org>
ITS4, RATS, flawfinder, Lopht Slint, fuzz.
I have a couple of tools in Perl and pretty crude: For file race conditions (after Bishop & Dilger) http://www.notatla.demon.co.uk/SOFTWARE/SCANNER/scanner-1.0b.tar.gz For format bugs http://www.notatla.demon.co.uk/SOFTWARE/SCANNER/argcount.plx The format tool is outclassed by Alan DeKok's http://www.striker.ottawa.on.ca/~aland/pscan/
The immunix suite is worth looking at, as is David Wagner's thesis (I don't think the code is available, but hey, sometimes its worth reading the paper, not the code.)
Obviously Adam and I have been pointing our brain cells the same way lately. -- ############################################################## # Antonomasia ant notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ############################################################## _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Antonomasia (Aug 16)