Need Help,
What is Vulnerability of a (OS/Ports)?
What damage it can cause to any machine?
Can we control or remove that Vulnerability?
Stay Tuned.
Printable View
Need Help,
What is Vulnerability of a (OS/Ports)?
What damage it can cause to any machine?
Can we control or remove that Vulnerability?
Stay Tuned.
A vulnerability is usually a software flaw that can be taken advantage of, in software that operates over ports. The damage depends on the flaw and the software, and can range to unauthorized complete control. To remove the vulnerability, update your OS and services. Are you on windows? windowsupdate.microsoft.com
Try a firewall as well. Give Kerio a shot. If you are willing to pay, give Norton Internet Security a shot.
Hey Soda_Popinsky, thanks for your help.
Please correct me if I am wrong.
So a vulnerability is usually a software bug/error that can be taken advantage of, in software that operates over ports.
Can I say that, there's a software, lets take Telnet which operates over a port, which might have a flaw and the one who finds that can take advantage of it and cause damage.
Can I detect a Vulnerability? Also help me on if I want to write my own program to find vulnerability.
Thanks
Stay Tuned
...and would you like someone to tell you how to exploit the hole that the program someone writes for you finds?
Nessus is your friend.
Taken from Marriam-Webster:Quote:
Quote:
Main Entry: vul·ner·a·ble
Pronunciation: 'v&l-n(&-)r&-b&l, 'v&l-n&r-b&l
Function: adjective
Etymology: Late Latin vulnerabilis, from Latin vulnerare to wound, from vulner-, vulnus wound; probably akin to Latin vellere to pluck, Greek oulE wound
1 : capable of being physically wounded
2 : open to attack or damage : ASSAILABLE
3 : liable to increased penalties but entitled to increased bonuses after winning a game in contract bridge
- vul·ner·a·bil·i·ty /"v&l-n(&-)r&-'bi-l&-tE/ noun
- vul·ner·a·ble·ness /'v&l-n(&-)r&-b&l-n&s, 'v&l-n&r-b&l-/ noun
- vul·ner·a·bly /-blE/ adverb
That depends on the vulnerability and what service/process is vulnerable.Quote:
What damage it can cause to any machine?
Again this depends on the vulnerability but there's usually a patch available to fix it.Quote:
Can we control or remove that Vulnerability?
Sometimes you cannot install the patch because it may interfere with 3rd party software.
Then you'll need to take a look at what exactly is vulnerable and how it could be exploited.
If the vulnerable service isn't needed simply uninstall it or otherwise disable it.
Yes, you're getting the idea.Quote:
Can I say that, there's a software, lets take Telnet which operates over a port, which might have a flaw and the one who finds that can take advantage of it and cause damage.
That depends on your ability. But as TheSpecialist pointed out there are programs that can search for known vulnerabilities. You can also subscribe to a couple of mailinglists to get information about known or probable vulnerabilities (bugtraq and vuln-dev spring to mind). If you're guru you can actively search for them. But then you'll need a good solid understanding of the OS, the service/process, several programming languages, using debuggers and a certain "drive" to solve the puzzel.Quote:
Can I detect a Vulnerability?
You're on thin ice here. Nobody here will probably help you to "hack" a program but I'm sure everyone will help you to protect it.Quote:
Also help me on if I want to write my own program to find vulnerability.
Retina and Shadow Security Scanner are your friends too :D