|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] The Vulnerabilites Business....?
|
On Feb 7, 2008 10:04 PM, Kristian Erik Hermansen
<kristian.hermansen@gmail.com> wrote:
>
> Closed source vendors don't usually write great code, because they
> don't have to. No one on the outside sees it in source form. Thus,
> you get a bunch of junk that "works", but is difficult to debug. In
> this instance, and not very uncommon, the exploiter knows the code
> better than the authors of the software. This actually happens a lot
> :-)
One more problem with closed source. When the closed source vendor's
source repository is breached, all the low hanging exploits go wild.
> It is an entire industry. When I worked on the Cisco Security Agent
> team from 2005-2007 we subscribed to GLEG. Yes, you get 0-day for a
I worked on Symantec's Critical System Protection Agent. I doubt
you'll every hear of it though.
http://www.symantec.com/business/products/overview.jsp?pcid=2241&pvid=928_1
It's an AppArmor for Linux, winDOwS and Solaris. All file path based
making it a PITA to configure. When I left (~3yrs) metasploit was
still having its way with it.
JM2c
Amul
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|