|
||
|
Codenomicon Defensics™
Codenomicon Ltd.: » Defensics™ home page
Information on Fuzzing:
Evaluation version: |
|
|
CODENOMICON NEWSLETTER 2010/04
Collaborating towards RobustnessGreetings from the Codenomicon US office! At Codenomicon, we work with a number of Fortune-1000 customers assisting them in integrating Fuzzing into their Software Development Lifecycle (SDLC). And, we are happy to notice that an increasing number of our customers are now using our tools for Unit Testing in the earlier stages of the SDLC. Moreover, the fuzzing tools are increasingly used by programmers. This is not only great news for their customers, but also for the society at large. Not only are security flaws found earlier, but also more flaws are found. In the implementation phase, fuzzers can be used to test system more thoroughly than in the testing phase. Developers building, for example, IPv6 stacks do not need to run the entire test suite consisting of millions of fuzz tests. Instead, they can target their testing effort at the protocol features they are developing. Being able to accurately target specific protocol elements also means that you do not need to analyze all tests: You just need to analyze the test you run. Contact us if you want us to help you integrate fuzzing into your SDLC. We would like to invite you to join the Codenomicon Backstage! In the Backstage you can ask fuzzing related questions and to talk to our experts directly. The Codenomicon Labs Backstage is an on-line user community created for people using our testing technology and the members of our ecosystem, including Codenomicon's OEM, service and channel partners. The Backstage offers a flexible environment, which can be used to interact with Codenomicon's experts and other Codenomicon users. It also provides an easy access to additional documentation and enables you to create private groups to collaborate with us. This newsletter is all about collaboration and collaboration tools, which enable you to improve your testing efficiency, like our new Codenomicon Network Analyzer. We have been using the Analyzer internally for years, and it is an invaluable tool in troubleshooting network issues. The Analyzer allows you to monitor network traffic during test efforts taking place in multiple locations and to manage these tests, an absolutely fantastic tool! Codenomicon works together with vendors to better answer their testing needs. In this newsletter, our Test engineer, Joshua, tells about his experiences testing for Microsoft. Sami and Jarkko tell their experiences from the MSF LTE interoperability test event. We are also proud to present our new Fuzzing 101 webcast series. Test, collaborate and excel!
Mikko Product Launch: Codenomicon Network Analyzer
Codenomicon recently launched a new powerful solution for test lab monitoring and network troubleshooting. The Codenomicon Network Analyzer records test behavior and automatically visualizes network traffic. The Analyzer provides testers with a clear picture of actual network traffic making it easy to discover problematic network areas, to target tests and to monitor the testing efforts in multiple locations. The solution also provides collaboration features. The Analyzer can store and process terabytes of real-time network data, and automatically visualize all network flows and identities, making it extremely easy to search and pinpoint troubling network issues. The problematic messages and sequences can be easily extracted to tools like Codenomicon Defensics for reproduction and testing, or opened with source tools like Wireshark for closer inspection. These network inspection methods have long been used by our own analysts and their effectiveness is proven by more than a hundred users and over 200 billion analyzed packets. Now with the launch of the Codenomicon Network Analyzer, the technique is available to all customers. Networks nowadays are a mixture of applications and components from various suppliers. Nobody has an overall picture of the tested systems. The Codenomicon Network Analyzer reveals what is really happening in the network helping testers decide what should be tested and how. Codenomicon Defensics enables users in different locations to share online documentation and to reproduce tests conducted by others. The Codenomicon Network Analyzer complements these features by providing tools for managing and monitoring distributed robustness testing efforts. This is especially great news for large companies, with multiple testing labs. The Codenomicon Network Analyzer is a collaborative solution: companies and organizations can use it to model actual network traffic, to troubleshoot networks and to debug any type of network communication from multiple locations. The collaborative framework also enables customers to invite third-parties to the collaboration environment to assist in troubleshooting. All members of the private collaboration space can automatically reproduce all message flows, as loading the trace into Codenomicon Defensics will replay and fuzz all protocol sequences you pull out from the framework. All data contained in the back-end of the Network Analyzer is customer proprietary, and there is no public access to any of the confidential data. The Analyzer provides a safe collaboration environment. Check out the Codenomicon Network Analyzer website: http://www.codenomicon.com/analyzer/ Working With Microsoft VulnerabilitiesAt Codenomicon, we are proud to be a responsible company. We often find and report flaws we find during our test tool development to the vendors and necessary authorities, who are given all the time they need to fix the issues before they are publicly disclosed by the vendors themselves. In the case of open source projects, we regularly participate in the fixing process through our CROSS project. Testing the Windows 7 beta release with our CIFS test suite, I uncovered a flaw in the software. Due to the sensitivity of the vulnerability, I cannot tell more details about the found issue. I reported the flaw to the Microsoft Security Response Center for analysis and remediation. It is a crucial time for Windows 7 with the pre-launch of the flagship operating system and Microsoft responded to the notification in their usual professional manner. They treat all issues with great concern. This is the second time the Codenomicon team has discovered issues in server message blocks of Microsoft products. In the end, all software contains flaws, but what separates leading companies is the way they handle these issues. More details of the vulnerability:
Other vulnerability discoveries using Codenomicon tools: Fuzz Early, Fuzz Faster, Fuzz Better!
Josh Browser TestsThe Codenomicon Defensics tools have demonstrated their effectiveness on a number of occasions. In December 2009, I tested five of the most popular browsers as a part of CodeLabs tests. I tested Internet Explorer 8, Opera, Mozilla Firefox, Google Chrome, and Safari. All web browsers were downloaded in Mid-December and ran on Windows 7. Before actually testing the browsers, I created scripts for downloading test material from Codenomicon's Robustness Test Suites. I used the following Codenomicon Robustness Test Suites: HTTP Client Suite 2.0.2, TLS Client Suite 4.2.0 and XML-SOAP Client Suite 1.0.0. I performed the tests by running the Test Suite against each browser. I continued to execute the tests until the first crash occurred. This is called the first-blood methodology. All of the web browsers crashed when they were tested. Some of these crashes happened in less than one minute. After a crash, a second suite or a browser was put to the test. The exploitability of the vulnerabilities was not examined. However, all found bugs resulted in at least Denial of Service (DoS) by crashing or hanging the browser, so all vulnerabilities need to be taken seriously. The results of CodeLabs tests are automatically uploaded into our collaboration environment, and shared with the rest of our CodeLabs team. The test verdicts are also published on our CodeLabs web site at http://www.codenomicon.com/labs/results I really like working for Codenomicon, because I get to break things, in controlled environments of course. Automated testing tools like Codenomicon Defensics make vulnerability discovery easy! If you're not already using Codenomicon tools, check them out! Download our free FTP tool from http://www.codenomicon.com/evaluation/ and discover the fun of robustness testing! Check out the Codenomicon whitepaper on Browser Testing: http://www.codenomicon.com/resources/whitepapers/2010-browser-security.shtml Join the demolition team! Tuomo Codenomicon at the MultiService Forum (MSF) LTE Interoperability Event in Dusseldorf, GermanyWe recently represented Codenomicon at the LTE IOT event in Dusseldorf. The event brought multiple network equipment vendors together to test the interoperability of their equipment and the real-world usage scenarios of the LTE core network. For the first time, robustness testing was on the official agenda of such an interoperability event. The original press release on topic can be found from: http://www.msforum.org/pressroom/pr/2010_LTE-IOT-PR_Codeonomicon_Final.pdf. The main focus of our testing effort was GTPv2, a new release of the GTP protocol, which plays a crucial role in LTE core networks, because it is used for communication between network elements. Our goal in designing the GTPv2 Robustness Tester was to address the reliability of new LTE network elements and to enable security testing across network trust boundaries. The interoperability event was a great opportunity for us to assess the applicability of our tests. The Defensics tools are based on a point-and-click approach, which means that tests are executable after a few simple settings, like target addresses, are made. The GTPv2 is complex and dynamic protocol, which makes creating such testing challenging. Thus, we were very happy to notice that basic interoperability tests could be run all vendors' equipment straight right out of the box. To test end-to-end connectivity involving all LTE core network elements, some minor tweaking was required, but nothing that could not be done in a few minutes. Overall, the interoperability event was a valuable experience on how real LTE networks work and how Codenomicon test tools can be used to test them. Not only did we discover how Codenomicon tools can be used to add value to LTE testing, we got a bunch of new ideas for developing our tools to answer LTE testing challenges even better than before. We evaluated the stressfulness of our GTPv2 Tester by looking its ability to find and help fix vulnerabilities. The vulnerabilities discovered by our GTPv2 tester at the LTE interoperability event will be discussed further in our upcoming MSF Whitepaper, anonymizing the vendor names of course. Robustness is a common cause! Sami and Jarkko Be sure to also see our latest article on LTE testing in the latest issue of the Professional Tester magazine: http://www.professionaltester.com/files/PT-issue2.pdf New protocols released for Core Internet and LTE testingAt Codenomicon, we are proud to announce the release of two new protocol suites: TCP and PMIP for Defensics 3. TCP is the backbone of IP services and this test suite can be used to test a large variety of systems ranging from internet applications to new generation networks. In the past few months, the Defensics TCP tester has been completely re-written for the Defensics 3 platform. The amount of available test cases has increased to include a wide range of new TCP attacks, like those found by Outpost24, thus significantly improving the test suite coverage. Moreover, extensive client-side testing for TCP is now also available. As a part of our continued effort to support LTE core network testing, we are releasing a new Defensics PMIP test suit. PMIP is an alternative for GTPv2 in the LTE S5 interface. With this release Codenomicon will strengthen its position on the frontline of LTE test development. Currently, only few vendors have completed PMIP interfaces in their devices. However, this test suite is not only intended for testing completed interfaces. Indeed, the best way to test is to integrate testing into your development process. The PMIP release will not be our last announcement on LTE testing space. Currently our expert R&D team is working on 3GPP extensions to Diameter and implementing policy and charging control functions, and related test material. We are always ahead of the technology development!
Sami Codenomicon Fuzzing Webcast SeriesCodenomicon participated in the Blackhat webcast together with other new members of the SDL Pro Network. Codenomicon will provide a more extensive presentation for our customers and contacts. In this presentation, we will look at security and robustness testing in the various phases of the SDLC. Fuzzing is typically used in the Verification/Testing phase of the SDLC. This presentation explains how fuzzing can be used in the earlier stages of the software development process, for example in unit testing. In addition, we will look at agile testing practices. In agile software development processes, fuzzing is performed in testing and verification related tasks in the agile development cycle. The webcast will last approximately one hour + QA. Register for a session now by clicking a date below: Latest News
For latest news from Codenomicon, see: It's what you don't know that makes you vulnerableMore information on Codenomicon:More information on Codenomicon Defensics™:Request Codenomicon Defensics™ evaluation version:More information on Codenomicon Network Analyzer:More information on Fuzzing: |
| Codenomicon Ltd. | www.codenomicon.com | info@codenomicon.com |
