May 7, 2012

Spring Cleaning: Five Advanced Programming Issues

Frank Gifford

As a programmer, you already know about many programming issues and how to avoid them. But there are some that are more subtle yet every bit as dangerous when hackers are involved. In our roles at BreakingPoint, my colleagues and I get to think about the various problems that our customers have with their networks. We look at problems from multiple sides and help re-create known problems in order to mediate and to prevent bugs from getting into the wild. The ultimate goal is to stop hackers from disrupting networks.

May 3, 2012

Deep Packet Inspection, Viber, and You

Andrew Jean

DPI, or deep packet inspection, is an acronym you have probably heard more than a few times. It is used by a broad range of devices for an equally broad range of applications. For example:

• Firewalls employ DPI to detect malicious traffic early, blocking attacks and malware before they ever enter the network. DPI can do this by detecting malformed, protocol-specific packets known to cause crashes or to carry malicious payloads.
• Routers and management hardware use DPI to classify traffic based on its hosts, the protocols used, and potentially fields within protocols. This knowledge allows administrators of large networks to identify and throttle large-bandwidth consumers, among other things.

May 1, 2012

No Public Exploit Available? No Worries: The Story of CVE-2012-0002

Alex Nikitin

Security professionals, like everyone, can often be misled by equivocation, semantic ambiguities aimed at creating meaningful logic from vague claims. We see these phrases all the time: “no public exploit available” or “there are no known published exploits in circulation.” Although worded differently depending on the security feed, these are simply oracular phrases that often lead to the false logic that if no public exploit exists, then nobody is exploiting it in the wild. Yet time and again those very exploits become subjects of late nights or weekends spent at work.