TuskenTower on 8 Feb 2008 06:56:22 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] The Vulnerabilites Business....?

On Feb 7, 2008 10:04 PM, Kristian Erik Hermansen
<kristian.hermansen@gmail.com> wrote:
> Closed source vendors don't usually write great code, because they
> don't have to.  No one on the outside sees it in source form.  Thus,
> you get a bunch of junk that "works", but is difficult to debug.  In
> this instance, and not very uncommon, the exploiter knows the code
> better than the authors of the software.  This actually happens a lot
> :-)
One more problem with closed source.  When the closed source vendor's
source repository is breached, all the low hanging exploits go wild.

> It is an entire industry.  When I worked on the Cisco Security Agent
> team from 2005-2007 we subscribed to GLEG.  Yes, you get 0-day for a

I worked on Symantec's Critical System Protection Agent.  I doubt
you'll every hear of it though.
It's an AppArmor for Linux, winDOwS and Solaris.  All file path based
making it a PITA to configure.  When I left (~3yrs) metasploit was
still having its way with it.

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug