Grey Hat Sites - Watchguard Firebox X5500E Reference Manual

Vpn gateway

Hide thumbs Also See for Firebox X5500E:

User manual (314 pages)

Reference manual (264 pages)

Hardware manual (33 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

page of 160

/ 160
Contents
Table of Contents
Bookmarks

Table of Contents

Grey Hat Sites

We characterize these security researchers as "grey hats" because, unlike white hats, they might not

inform the appropriate manufacturer before publicly revealing their findings and posting exploit code

(often passed off euphemistically as "proof of concept" code). Technically they're not breaking laws or

acting maliciously, like "black hats." But announcing security holes before vendors can fix them is like

giving an army a map of the castle they're attacking, with a big red arrow marking the secret entrance.

Grey hats commonly claim their behavior contributes to overall security by making vendors watch

themselves more diligently. Whether that is true is a battle we'll leave to someone else.

Nonetheless, "grey hat" sites are worth inspecting when you want to understand more about how a

particular vulnerability works. These sites are often the first to reveal new vulnerabilities, much sooner

than you'll get the info from the appropriate vendor. When trying to prioritize how urgently you need

to patch flawed software on your network, flaws where the exploit code is publicly posted should go to

the top of your list. To learn whether exploit code is publicly available, monitor our LiveSecurity® alerts,

and check some of the following sites.

Ryan1918.com

On this site, you'll find hackers selling and trading exploits, including botnets and trojans. In true

script-kiddy style, this forum in not online 100% of the time. If not, try again later - so far, it has

always returned.

Packetstormsecurity.org

This site offers a repository of the Top 20 security tools, advisories, and exploits, updated

throughout the week.

K-otik.com

This French site is usually the first place you'll find significant exploit code. They also archive

notable white papers in various languages, so multilingual administrators can get a world of

security instruction here.

2600.com

This Web site supplements the printed journal 2600 , the seminal, well-known "hacker's

quarterly," where programmers inform one another of new flaws, exploits, and attacks on

everything from networks to phone systems. Worth a read so you can realistically assess the

strength of your countermeasures.

Governmentsecurity.org

Despite its name, this site is not sponsored by a government. Like many of the other sites we've

recommended, it archives daily security news. But our favorite feature is the moderated security

forums, where you can discuss relevant topics (ranging from general network security, to how to

compile and run specific exploits) with other network administrators.

WatchGuard System Manager

Table of Contents

This manual is also suitable for:

Firebox x6500e Firebox x8500e Firebox x peak e-series Firebox x core e-series Firebox x edge e-series v10.0 Firebox x55e ... Show all

Grey Hat Sites - Watchguard Firebox X5500E Reference Manual

Grey Hat Sites

Related Manuals for Watchguard Firebox X5500E

Related Content for Watchguard Firebox X5500E

This manual is also suitable for:

Table of Contents