The problem is, i havent got a credit card, so i dont think iam gonna get that book?
do u have any alternative source for learning about exploits ?
thnks
Printable View
The problem is, i havent got a credit card, so i dont think iam gonna get that book?
do u have any alternative source for learning about exploits ?
thnks
How about using your local library. They can search using the ISBN and order it in from other libraries if need be, or order it if demand is sufficient.Quote:
Originally posted here by 0147
The problem is, i havent got a credit card, so i dont think iam gonna get that book?
do u have any alternative source for learning about exploits ?
thnks
Just a thought!
The library option is out of question coz we havent got a damn library here !
I tried searchin the net , but didnt come up with any useful results !
To be honest you don't _need_ to know how the code behind an exploit works. Could it help you if you are presented with an exploit that is unpatched as yet.... Maybe, but the opportunity to be able to do something to self patch the service is minimal at best. Assuming we are talking about a remote exploit you are better off being able to use an IDS like Snort and being able to read the raw packets and come up with a reset rule that resets the connection when the pattern is recognized prior to the exploit being complete.....
Look at this thread... im sure he will not want to patch or prevent anything. 0147 what do you want us to do about your incompetence to find things? Oh wait, never mind :pQuote:
Assuming we are talking about a remote exploit you are better off being able to use an IDS like Snort and being able to read the raw packets and come up with a reset rule that resets the connection when the pattern is recognized prior to the exploit being complete.....
http://www.google.com/search?hl=en&l...rflow+examples
http://www.google.com/search?hl=en&i...amples&spell=1
http://guinness.cs.stevens-tech.edu/...r-overflow.pdf
Well books reading helps, as you dont have to search the exploit yourself.
But at the same time dont forget you need to learn how to search for information.
Most of the exploit mention in the book are either fixed or out dated.
( By the time they found, author wrote, publish, circulate...... that takes time)
So you cant really "use" them. As those company who employ you to do
security check would have patched them.
If you dont want to buy books, discussion group and www is your best place to start.
As a bonus, you learn how to search for updated info as well!
Thanks ppl for helpin me out !! :D