Announcement

Collapse
No announcement yet.

Vulnerability info?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Vulnerability info?

    So I've been wondering where you all find vulnerability information. What sites to visit? What books to read? Etc?
    thanx
    The only stupid question is the one that you dont ask.
    Or the one that ends up in dev/null.

  • #2
    GOOGLE

    BUGTRAQ

    NT BUGTRAQ

    SECURITYFOCUS

    PACKETSTORM

    ICAT

    CERT

    Although many of these are easily findable if GOOGLE was used, I posted a few with the GOOGLE link included to assist you.

    Qu|rk-

    Comment


    • #3
      Originally posted by Qu|rk
      GOOGLE

      BUGTRAQ

      NT BUGTRAQ

      SECURITYFOCUS

      PACKETSTORM

      ICAT

      CERT

      Although many of these are easily findable if GOOGLE was used, I posted a few with the GOOGLE link included to assist you.

      Qu|rk-
      well i usually use GOOGLE but there are sooo many junk sites that i usually can't tell which ones are legit (that shows what kind of 'hacker' i am)
      preciate it alot
      thanx
      The only stupid question is the one that you dont ask.
      Or the one that ends up in dev/null.

      Comment


      • #4
        Originally posted by enCode
        well i usually use GOOGLE but there are sooo many junk sites that i usually can't tell which ones are legit (that shows what kind of 'hacker' i am)
        It's not about being a hacker/cracker/phreak - it's about investigating sites that you see -

        If the url for example is:

        http://www.thisbox.org/fishing/kamas...ersecurity.htm

        you can pretty much guess that it's not completely computer security related, and probably isn't all.

        Qu|rk-

        Comment


        • #5
          yea, makes sense I guess.
          I should develope that thing...
          whats it called?
          comon sense?! :)
          The only stupid question is the one that you dont ask.
          Or the one that ends up in dev/null.

          Comment


          • #6
            Don't feel bad. Commom sense isn't that common.

            Comment


            • #7
              Originally posted by Qu|rk
              It's not about being a hacker/cracker/phreak - it's about investigating sites that you see -

              If the url for example is:

              http://www.thisbox.org/fishing/kamas...ersecurity.htm

              you can pretty much guess that it's not completely computer security related, and probably isn't all.

              Qu|rk-
              I agree with all that's been said, but I have to admit....I clicked on this link to see where it went. :)
              Ya got no legs, don't come crawlin' to me.

              Comment


              • #8
                great vulnerablility database

                after some searching and a little luck i found what looks to be a promising database site
                http://www.osvdb.org/
                The only stupid question is the one that you dont ask.
                Or the one that ends up in dev/null.

                Comment


                • #9
                  securiteam.com

                  Comment


                  • #10
                    Originally posted by enCode
                    well i usually use GOOGLE but there are sooo many junk sites that i usually can't tell which ones are legit (that shows what kind of 'hacker' i am)
                    preciate it alot
                    thanx
                    Uh, that's the internet for you buddy. Go to the nearest univeristy and talk to their computer science department.

                    How do you think hackers in the 70s and 80s learned? Why do you think any sane professor would not accept a source taken off google?

                    Comment


                    • #11
                      Originally posted by astcell
                      Don't feel bad. Commom sense isn't that common.
                      Well said... =\ its not.
                      -Christopher

                      Comment


                      • #12
                        Originally posted by phobal
                        Uh, that's the internet for you buddy. Go to the nearest univeristy and talk to their computer science department.

                        How do you think hackers in the 70s and 80s learned? Why do you think any sane professor would not accept a source taken off google?
                        Hmmmm? never realy though about it till now?
                        The only stupid question is the one that you dont ask.
                        Or the one that ends up in dev/null.

                        Comment


                        • #13
                          you'll learn a lot more by going to the library than you will searching on google. the internet is good to find superficial tip of the iceberg information, but is useless for meaningful, solid, credible information.

                          Comment


                          • #14
                            Originally posted by phobal
                            you'll learn a lot more by going to the library than you will searching on google. the internet is good to find superficial tip of the iceberg information, but is useless for meaningful, solid, credible information.
                            Then again, there are numerous (as in too many to count) sites that host comprehensive amounts of information. For instance, if I want to lookup the original admin guide, user manuals and technical references for say, a Cisco router, it's all on Cisco's site. The same can be said in many cases.

                            I'm not saying that the Internet doesn't have it's share of useless crud, but the library has crud as well (it doesn't take THAT much effort to get published).
                            “Bigamy is having one wife too many. Monogamy is the same.”

                            Comment


                            • #15
                              Originally posted by spahkle
                              Then again, there are numerous (as in too many to count) sites that host comprehensive amounts of information. For instance, if I want to lookup the original admin guide, user manuals and technical references for say, a Cisco router, it's all on Cisco's site. The same can be said in many cases.

                              I'm not saying that the Internet doesn't have it's share of useless crud, but the library has crud as well (it doesn't take THAT much effort to get published).
                              this is true. there are SOME valid sites, such as cisco, microsuck, sun, etcetc, but anything else must only be trusted with the deepest hesitance. any asshat could log on and create his own authentic looking website, unlike literature in a library where the work there is inspected by publishers, scholars, and the schools that purchase the work.

                              Comment

                              Working...
                              X