Thursday, July 05, 2007

Another Review, Another Pre-Review

Amazon.com just published my five star review of Windows Forensic Analysis by Harlan Carvey. From the review:

I loved Windows Forensic Analysis (WFA). It's the first five star book from Syngress I've read since early 2006. WFA delivered just what I hoped to read in a book of its size and intended audience, and my expectations were high. If your job requires investigating compromised Windows hosts, you must read WFA.

In the mail today I received a copy of Fuzzing by ninjas Michael Sutton, Adam Greene, and Pedram Amini. H.D. Moore even wrote the foreword, for Pete's sake. However, I have some concerns about this book. I performed a technical review, mainly from the perspective of someone who wants to know more about how to do fuzzing. The drafts I read seemed to be more about how to build a fuzzer. Those of you who are jumping to hit the comment button -- I don't want to hear about "you learn how to fuzz by building a tool." Give me a chance to learn how to walk before I try to invent a new method of transportation! We'll see how the book reads in printed form when I review it.

2 comments:

dre said...

Ok I won't say what you specifically asked me not to say.

What questions do you have?

Allow me to summarize since I've read this book a few times.

1) Fuzz testing generates faults/errors/crashes through known metacharacter injections (defined as generation) into code inputs that use textual fields -or- usually random (but somehow predetermined) binary data (defined as mutation) into code inputs that use binary streams (often TLVs).

2) Heuristics such as protocol dissection (properly automated with a proxy fuzzer), genetic algorithms, and bioinformatics usually make better mutation-based fuzzers. Generation-based fuzzers have good pre-programmed lists (see the OWASP testing guide v2 for a fairly basic list).

3) Fuzzer tracking takes source code, or reversed binary/bytecode complexity metrics (code and path coverage) and determines how to start fuzzing and when to stop fuzzing. These are the same metrics that QA gathers in order to show that the program's inputs have been tested, and to what percentage. As an example, Java programmers typically use EMMA or Clover to do this at build time (using ANT, similar to GNU make), and/or in their IDE (with, e.g. EclEMMA).

4) Intelligent fault detection monitors the application under test while fuzz testing occurs and checks the responses. If a crash occurs, a fuzzer stepper will detect if the crash was due to one fuzz test, or by some sort of combination of tests. In order to detect errors (any out-of-bounds exception) that do not cause a crash (such as off-by-one's) the application must be frozen in state while being attached to and checked before un-freezing. Additionally, if you check out the PaiMei crash binning routines, you'll note that they are capable of further automating and cataloging faults by referencing stack unwind information from each recorded crash into a tree list. Each test case can then be classified by path as well as exception address.

Stack unwinding would be most useful to stack based buffer overflows, but with SBI/DBI it would be possible to look at bounds checking on the heap or possibly other areas of memory as well. Dynamic binary instrumentation would additionally allow insight into errors accumulating before a crash occurs, giving the fuzz tester a head start to finding a vulnerability.

I didn't even need the book to gather most of this information, as the authors have already written an article for DDJ entitled "Requirements for effective fuzzing".

That's all the theory you really need to know.

Anonymous said...
This comment has been removed by a blog administrator.