Government Security
Network Security Resources

Jump to content

Photo

Vote For Which Project You Want!

- - - - - security
  • Please log in to reply
29 replies to this topic

#16 Guest_ma622_*

Guest_ma622_*
  • Guests

Posted 24 October 2003 - 03:00 AM

i want to join GSO team ..... msg me

#17 phrozen77

phrozen77

    Private First Class

  • Members
  • 66 posts

Posted 24 October 2003 - 11:13 AM

Uhmmmm... didnt vote yet, but id like to see something like this http://www.thc.org/thc-rut/

Coz there are a lot more Firewalls and all the other stuff u suggested out there than smth like that (yes i know of P0f)

#18 Khran

Khran

    Private First Class

  • Members
  • 20 posts

Posted 25 October 2003 - 01:43 PM

yeap i agree, exploit code does help people to learn. Let's work on the analyzer

#19 Travis

Travis

    Specialist

  • Sergeant Major
  • 2,101 posts

Posted 26 October 2003 - 12:14 AM

I'd also like to remind people of the zero tolerance to DDoS bots and virii on this forum. While it may be suggested we'd have to work something out in the middle ground.

#20 shaun2k2

shaun2k2

    Staff Sergeant

  • Sergeant Major
  • 348 posts

Posted 26 October 2003 - 12:21 AM

Oh, sorry, would you like me to remove the option?


-Shaun.

#21 shaun2k2

shaun2k2

    Staff Sergeant

  • Sergeant Major
  • 348 posts

Posted 28 October 2003 - 01:50 AM

i am confused between two of these
1. Security Scanner
2. Vulnerabilities Source Code Analyser
umm... can be either of these


A security scanner is a scanner like Nessus.
A Source Code Analyser is a program which checks a piece of code for sloppy or vulnerable code.


-Shaun.

#22 radien

radien

    Private First Class

  • Members
  • 73 posts

Posted 04 November 2003 - 12:37 AM

I have not decided yet.

But I think, It would be so helpfull if every one that would work here have a good view of those things. For example Source Code Analyser,

There are some same projects started before, e.g. Flawfinder RATS ITS4 PScan.

for example Flawfinder (Just take a look at freshmeat.net db):

Flawfinder - Default branch
by David A. Wheeler - Monday, May 21st 2001 12:57 PDT Section: Software
About:
Flawfinder searches through source code looking for potential security flaws. It will provide a list of potential security flaws, sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Flawfinder ignores text inside comments and strings.

Author: David A. Wheeler

Rating: 8.20/10.00 (3 votes)

Homepage:
http://www.dwheeler.com/flawfinder/


A good article to take a view: http://www.linuxjour...le.php?sid=5673

Somebody told me, I can't remember, that u are looking for someguys w/ C/C++ experince. If u have a little experience w/ C And Python or PHP or Perl or Java, u are agree w/ me that developping such a text processing is so much painfull in C, but in Python PHP Ruby Java or Perl is fun.

Take a look alittle deeper on what u want to develop can help so much not get bored of the subject and discontinue it, after u started one of these project.

#23 shaun2k2

shaun2k2

    Staff Sergeant

  • Sergeant Major
  • 348 posts

Posted 08 November 2003 - 12:49 AM

Poll ended.


The winner is: Vulnerabilities source code analyser, with 23 votes. Vulnerabilities source code analyser came close after with 21 votes. If we for some reason don't create a source code analyser, we'll write some exploits for newly discovered vulnerabilities.

Does anybody have anything to add? Objections? Ideas?


-Shaun.



#24 Guest_OneNight_*

Guest_OneNight_*
  • Guests

Posted 08 November 2003 - 04:01 AM

All i have to say is ...

"Gogogogogogogogogogogo."

Lets get this thing organised.

#25 Kenny

Kenny

    Former Commander In Chief

  • Retired Admin
  • 6,747 posts

Posted 08 November 2003 - 07:56 AM

best of luck to all involved :D
Kenny aka ComSec

Please read the Forum Rules !!!

______________________

#26 radien

radien

    Private First Class

  • Members
  • 73 posts

Posted 08 November 2003 - 01:43 PM

as OneNight said. B)

#27 Guest_archphase_*

Guest_archphase_*
  • Guests

Posted 08 November 2003 - 09:28 PM

Poll ended.


The winner is: Vulnerabilities source code analyser, with 23 votes. Vulnerabilities source code analyser came close after with 21 votes. If we for some reason don't create a source code analyser, we'll write some exploits for newly discovered vulnerabilities.

Does anybody have anything to add? Objections? Ideas?


-Shaun.

Vulnerabilities source code analyser, with 23 votes. Vulnerabilities source code analyser came close after with 21 votes.

Same thing am I wrong?

Personally I think a redudant idea..i'd such suggest rather than just checking for unsecure functions like strcpy, etc. have it create a virtual env like vmware and then test it in there w/ a binary that way administrators can use it for malware.

Regards,
archphase

#28 Guest_wicked_*

Guest_wicked_*
  • Guests

Posted 09 November 2003 - 01:33 AM

Letme know when it's done....

need a new toy.

Wkd.

Enjoy your day.

:rolleyes:

#29 Guest_)Oni(_*

Guest_)Oni(_*
  • Guests

Posted 09 November 2003 - 01:45 AM

I voted for Vulnerabilities Source Code Analyser too.

Would be useful for me at any rate... more than the others.

me too :) maybe it is very useful

#30 whisker

whisker

    Private First Class

  • Members
  • 60 posts

Posted 12 November 2003 - 04:19 PM

I voted vulnerabilities Source Code Analyser

cheers





Also tagged with one or more of these keywords: security