-
May 12th, 2004, 07:22 AM
#1
Junior Member
Vulnerabilities
Need Help,
What is Vulnerability of a (OS/Ports)?
What damage it can cause to any machine?
Can we control or remove that Vulnerability?
Stay Tuned.
-
May 12th, 2004, 07:27 AM
#2
A vulnerability is usually a software flaw that can be taken advantage of, in software that operates over ports. The damage depends on the flaw and the software, and can range to unauthorized complete control. To remove the vulnerability, update your OS and services. Are you on windows? windowsupdate.microsoft.com
Try a firewall as well. Give Kerio a shot. If you are willing to pay, give Norton Internet Security a shot.
-
May 12th, 2004, 07:50 AM
#3
Junior Member
Hey Soda_Popinsky, thanks for your help.
Please correct me if I am wrong.
So a vulnerability is usually a software bug/error that can be taken advantage of, in software that operates over ports.
Can I say that, there's a software, lets take Telnet which operates over a port, which might have a flaw and the one who finds that can take advantage of it and cause damage.
Can I detect a Vulnerability? Also help me on if I want to write my own program to find vulnerability.
Thanks
Stay Tuned
-
May 12th, 2004, 08:00 AM
#4
...and would you like someone to tell you how to exploit the hole that the program someone writes for you finds?
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
May 12th, 2004, 08:16 AM
#5
-
May 12th, 2004, 02:54 PM
#6
Re: Vulnerabilities
Originally posted here by chaitanya
What is Vulnerability of a (OS/Ports)?
Taken from Marriam-Webster:
Main Entry: vul·ner·a·ble
Pronunciation: 'v&l-n(&-)r&-b&l, 'v&l-n&r-b&l
Function: adjective
Etymology: Late Latin vulnerabilis, from Latin vulnerare to wound, from vulner-, vulnus wound; probably akin to Latin vellere to pluck, Greek oulE wound
1 : capable of being physically wounded
2 : open to attack or damage : ASSAILABLE
3 : liable to increased penalties but entitled to increased bonuses after winning a game in contract bridge
- vul·ner·a·bil·i·ty /"v&l-n(&-)r&-'bi-l&-tE/ noun
- vul·ner·a·ble·ness /'v&l-n(&-)r&-b&l-n&s, 'v&l-n&r-b&l-/ noun
- vul·ner·a·bly /-blE/ adverb
What damage it can cause to any machine?
That depends on the vulnerability and what service/process is vulnerable.
Can we control or remove that Vulnerability?
Again this depends on the vulnerability but there's usually a patch available to fix it.
Sometimes you cannot install the patch because it may interfere with 3rd party software.
Then you'll need to take a look at what exactly is vulnerable and how it could be exploited.
If the vulnerable service isn't needed simply uninstall it or otherwise disable it.
Can I say that, there's a software, lets take Telnet which operates over a port, which might have a flaw and the one who finds that can take advantage of it and cause damage.
Yes, you're getting the idea.
Can I detect a Vulnerability?
That depends on your ability. But as TheSpecialist pointed out there are programs that can search for known vulnerabilities. You can also subscribe to a couple of mailinglists to get information about known or probable vulnerabilities (bugtraq and vuln-dev spring to mind). If you're guru you can actively search for them. But then you'll need a good solid understanding of the OS, the service/process, several programming languages, using debuggers and a certain "drive" to solve the puzzel.
Also help me on if I want to write my own program to find vulnerability.
You're on thin ice here. Nobody here will probably help you to "hack" a program but I'm sure everyone will help you to protect it.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 12th, 2004, 03:02 PM
#7
Retina and Shadow Security Scanner are your friends too
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|