|
-
September 13th, 2004, 06:41 PM
#11
Junior Member
question !
The problem is, i havent got a credit card, so i dont think iam gonna get that book?
do u have any alternative source for learning about exploits ?
thnks
An Eye for An Eye Ends up makin the whole world blind . . .
-
September 13th, 2004, 06:48 PM
#12
 Re: question !
Originally posted here by 0147
The problem is, i havent got a credit card, so i dont think iam gonna get that book?
do u have any alternative source for learning about exploits ?
thnks
How about using your local library. They can search using the ISBN and order it in from other libraries if need be, or order it if demand is sufficient.
Just a thought!
Tomorrow is another day for yesterdays work!
-
September 13th, 2004, 07:04 PM
#13
Junior Member
question !
The library option is out of question coz we havent got a damn library here !
I tried searchin the net , but didnt come up with any useful results !
An Eye for An Eye Ends up makin the whole world blind . . .
-
September 13th, 2004, 10:25 PM
#14
To be honest you don't _need_ to know how the code behind an exploit works. Could it help you if you are presented with an exploit that is unpatched as yet.... Maybe, but the opportunity to be able to do something to self patch the service is minimal at best. Assuming we are talking about a remote exploit you are better off being able to use an IDS like Snort and being able to read the raw packets and come up with a reset rule that resets the connection when the pattern is recognized prior to the exploit being complete.....
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
September 14th, 2004, 01:32 AM
#15
Assuming we are talking about a remote exploit you are better off being able to use an IDS like Snort and being able to read the raw packets and come up with a reset rule that resets the connection when the pattern is recognized prior to the exploit being complete.....
Look at this thread... im sure he will not want to patch or prevent anything. 0147 what do you want us to do about your incompetence to find things? Oh wait, never mind
http://www.google.com/search?hl=en&l...rflow+examples
http://www.google.com/search?hl=en&i...amples&spell=1
http://guinness.cs.stevens-tech.edu/...r-overflow.pdf
-
September 14th, 2004, 04:33 AM
#16
Member
Well books reading helps, as you dont have to search the exploit yourself.
But at the same time dont forget you need to learn how to search for information.
Most of the exploit mention in the book are either fixed or out dated.
( By the time they found, author wrote, publish, circulate...... that takes time)
So you cant really "use" them. As those company who employ you to do
security check would have patched them.
If you dont want to buy books, discussion group and www is your best place to start.
As a bonus, you learn how to search for updated info as well!
-
September 14th, 2004, 12:07 PM
#17
Junior Member
question !
Thanks ppl for helpin me out !! 
An Eye for An Eye Ends up makin the whole world blind . . .
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote