What is a Zero Day Attack About Fuzzers Part Two

Welcome back to the series,If you have come directly to this post I would recommend you to go through the previous post “What is a Zero Day Attack Part one“.But you can still continue I have covered the basics of Zero Day attack in the post.

OverView of Secured Applications

No matter how great a developer or how securely he writes a code, there has to be some bug one way or the other.According to experts, in every 1000 lines of code there are on an average, 5 bugs present.And a good percentage of these bugs can be used to compromise the security of the application.

Now there are two ways to find the bugs.The first is to sit and test every lines and find it out.But since most of the times, the source code is not available so the second way it to use FUZZERS.So what are they ? Programs Hacking another programs.Surprised ? Lets move to next point and I will tell you more about it.

What are Fuzzers ?

Fuzzers are software programs or scripts - specially created to look for errors in any piece of code or application.A fuzzer will virtually look for every input variable and try every different possible combination ot find out the handling of the program and coding errors.

Fuzzers are also known as Fault Injectors, because they create and inject faults inside any application.These Fuzzers can test errors for applications,protocols, files etc and are widely used to find new vulnerabilities like buffer overflow,DoS, SQL injection and XSS.

Why should I use Fuzzers when I am already investing on Security so much ?

This question should click in your mind else the importance of it will never be realized.In short 2 reasons.

You get to know about the vulnerability before others do, so you get a patch before anybody else finds and attack you.
Secondly, Now if you have a custom made tool(made just by you), there are least chances that other know about it and you wont get feedback that if there is some loophole in the software.So its your duty to find out the bug and then prepare for the patch.Else if ZDA or Zero Day Attack begins, you might be too late.

Types of Protection by Fuzzers

Application Firewall :

The best way to fight against any kind of unknown attack is to restrict any kind of unknown attack is to restrict your application from showing any unwnated behavior.For that all you need is an application firewall.This is a tool which records any kind of any application for abnormal behavior and makes an alert and in some case simply restricts the application from running.There are two of them i found.

AppArmor: This is an Open Source application firewall and is currently maintained by Novell.You can get the document available here and install it on top of any Linux distro.But the easiest way out is to get a copy of OpenSuse 10 which had AppArmor out of the box.It has easy configuration manager called YaST.The advantge of using this is when any kind of bug or virus enters the system (be it known or unknown ) and tries to modify settings and parameters of the application, AppArmor will automatically create an alert.You can see the image below for YaSt configuration.

Socket Shield:This tool can protect you against zero day worms and other malware coming from websites.Yes you got it right, It monitors traffic coming from port 80.As per the analysis I read, the entire process of monitoring is invisible to users and does not affect the performance,It simple meaning it protects your computer by monitoring at the socked level.It closes the socket in case of any exploit found.You can use it for shielding as well as blocking.By providing know spamming sites ip address and blocking it will do on its own in case it finds any doubtful activity.You can take a look at more details here. The image below can give u small preview.

Second type is Web Server Protection.Its a bit long so i don’t want to make this post boring and hence i will be continuing it to the next post. Till then you can try the above if it fits your requirement.

If you enjoyed this post Subscribe to the Free TechSpot Newsletter or Feed It through RSS

About The Author of this article:
Ashish is one of the co-author of this blog and writes on various interesting softwares, PC tips and more. You can read more of his articles here.

Enjoyed this article? Download our Toolbar and read us more quickly or Subscribe to the Full RSS Feed or Get Post like this in your Inbox Click to get via Email ( You will have to confirm by checking you Inbox)