is there any differance bettween a vunrability and an exploit??
Printable View
is there any differance bettween a vunrability and an exploit??
a vulnearbility is something that CAN be exploited. an exploit is a vulnerability that HAS been explointed.
yes. A vunurbuilty is the theory behind the weakness. Example, it is known that a certain program opens a port on a computer.
An exploit on the other hand is a specific way of using that vunurbuilty, like a script that can use the open port to gain root access.
vunurbulity is the theory, exploit is the action. a vunurbulity can exsist with out a known exploit.
Hope this helps, and sorry for the spelling.
Time to go get beer!
DeafLamb
thanks because it was confusing me.
Its funny how many different ways the word "vulnerability" was spelled in this thread.
btw , who writes exploits, and any good sites on the subject.
you can't write an exploit, its an action. you can write a script to exloit things. but you can't write exploints
ok, now do viruses, torojans, D0s atacks, worms, and other attacks depend or use vulnerability in the commponents to attack the system.
and yes it is c00l how you see different spelling of the word, but the correct spelling is vulnerability i looked it up in the dictionary.
I'm sorry for the spellin, really I am, but I'm just no good at it. Now I am drinking so don't expect it to get any better.
DeafLamb
no problem
Hi quod
You asked about malware and vulnerabilities? I would guess that maybe 95% of malware written in the last 6 months use "vulnerabilities", generally in the operating system.
Viruses are by far the oldest malware, and tend to rely on stealth & infection. Trojans tend to rely on User stupidity to run them. Worms just travel the net, and frequently rely on an unwary user to unleash them. Some are network aware, and use vulnerabilities in the OS.
DoS and DDoS attacks rely on machines having already been taken over. Of themselves, they just generate massive traffic to swamp a target. The means of the "bots" getting taken over might be by exploitation of a vulnerability, but could be a trojan that an unsuspecting user has launched? probably from an e-mail attachment.
Nukes and vandals are crude, full frontal destructive assaults. They may or may not exploit vulnerabilities in the operating system. (Buffer overflows and suchlike)
I think the message is that current trends are for exploits based on vulnerabilities in the operating systems, rather than the stealth and infection that I usually associate with viruses.
We have actually seen a decline in the social engineering approach I think....that is where the User is fooled into opening an attachment (running a script) that loads the malware.
To make things even more complicated, there has been a trend of late for malware to use more than one method, so thay don't fall nicely into categories any more.
Now that I am sure I have totally confused you, I might as well join DeafLamb and get drunk :D
Have a good week-end
EDIT: Sites?...Try CERT, CIAC and the Microsoft Security Bulletins themselves.
Cheers
Uhhhh... whoever owns a computer...Quote:
Or peaple with alot more brains/time on their hands than you?
http://www.antionline.com/showthread...294#post667294
http://www.antionline.com/showthread...329#post668329
BugTraq, SecurityFocus, (Google)... you name it. The list goes on from there.Quote:
Well thought I would check back on this thread. Have quite a bit of Killian's Irish Red in be now. Looks like the thread is going quite splendidly. All I know is that my computer is probably quite vulnerable, but has not been exploited.
Haha I made a funny.
Love, Peace, and The Penguin.
DeafLamb
are there any types of exploits??
heh , well yes of course there are types of exploits... There are exploits that are designed to run on a specific architecture.. So don't go get dev c++ and try to compile an exploit on your windows box designed to exploit a vulnerability in Sun lol... More info at www.insecure.org
Nihil, I hope you are enjoying yourself as much as I am right now. Back to the vulnurbulity (don't know if i spelled that right) issue. Pretty much having a computer becomes a vulnurbulity. Increase that 10 fold if the computer is connected to a network. Increase the chances even more if the computer is connected to the internet. No computer is one hundred percent safe, ever. Given a long enough amount of time, and enough devotion, any system can be compromised. It's just the nature of the beast, even if your computer is not connected to any network, no computer is physicaly safe. That in itself is a vulnurbuility, if your computer can be accessed physicaly by strangers (ie at work after hours), then it can be exploited.
Now that I'm done with my conspricary theory that everyone is out to get me, I'll drink more beer.
Enjoy
DeafLamb
Quod,
It seems to be more usual to describe the vulnerability, rather than the exploit TYPE.
For example you might see "The ABC worm exploits the XYZ vulnerability in Internet Explorer"
The actual "exploit" is usually only defined at a high level such as "trojan", "worm", "Mass Mailer" and so on. This is because the exploit is totally dependent on the vulnerable environment and the lack of patches, rather than standing alone in its own right like a traditional virus.
Viruses tend to be classed into types.
You might go to the Semantec(Norton) and NAI (McAfee) websites and see how they classify malware.
Be warned! there is no "standard" in the AV/security industry, so one company may use a different name from another, for the same malware.
Cheers