Immunity, Inc. is proud to announce both a new paper on SPIKE and related fuzzing technology, and the release of SPIKE 2.8. Both are available from http://www.immunitysec.com/spike.html . SPIKE is a full-featured network protocol analysis toolkit, written in C, and released under the GNU Public License (GPL). The most obvious change to SPIKE 2.8 is the inclusion of a DCE-RPC over named pipe fuzzer. The abstract of the paper is below. It should be noted that the paper contains not only detailed information on how to detect the RPC Locator vulnerability with SPIKE, but also several other vulnerabilities in Windows 2000 that were discovered as part of this testing. (For a binary of one of them, try http://www.immunitysec.com/downloads/plonk ). The Advantages of Block-Based Protocol Analysis for Security Testing Abstract. This paper describes an effective method for black-box testing of unknown or arbitrarily complex network protocols for common problems relating to the security of a program or system. By introducing a block-based method for taking advantage of all known factors in a network protocol, and delimiting the effect of all unknown factors, the potential space of inputs to a program can be reduced intelligently by a tester, compensating for incomplete knowledge of the target's implementation or design. Thank you, Dave Aitel Public and Media Relations Immunity, Inc. http://www.immunitysec.com/ 917-545-4742
