Examining a public exploit, part 1
To many people, the world of computer security and intrusion detection can often be confusing to understand. As an instructor, many of the people who ask me about intrusion detection and packet analysis often ask the same questions, such as the following: What tools do you use? Can you practice and learn this at home? What kind of knowledge does one need to have? These and other questions figure predominantly.
In this article series these questions will be answered and shown to the reader for evaluation in a lab environment. We'll take a publicly available exploit, which you can download and compile at your discretion, and then analyze how it would be seen on your network and evaluated from a security administrator's point of view.
By Don Parker at SecurityFocus.
[ Read more ]