Language Selection

English French German Italian Portuguese Spanish

Fuzz testing with zzuf

Filed under
HowTos

Fuzz testing, which uses random input to test software for bugs, has been the biggest thing to happen in IT security in quite awhile. Now you can quickly and easily direct your own fuzz testing ops, thanks to a cool little program called zzuf.

We can thank stupid users for the fuzz testing craze -- users who enter dates where dollar amounts are supposed to go, or digits where their names belong, or a ZIP code where a Social Security number is expected. Their lameness often results in instant breakage -- segfaults, overruns, all manner of crashes. And some of those crashes are perfect for exploiting, allowing black hats to gain access to systems or data -- like the Wi-Fi vulnerabilities that were almost disclosed at BlackHat about this time last year, for example, which were discovered by fuzz testing the Wi-Fi drivers with unexpected data.

Fuzz testing throws anything and everything, and sometimes nothing at all, at applications expecting data of a certain size, shape, or format. Many programs are more stable and secure today because of the hidden flaws found with fuzz testing.

More Here




More in Tux Machines

Windows Users Download Ubuntu 30,000 Times a Day and Other Cool Facts

Ubuntu is the most used Linux desktop operating system, but that might not be all that transparent, so we would also like to present some interesting figures, like the number of Windows users that download Ubuntu every day. Read more

Mozilla Firefox 37.0.2 Out Now, Fixes Incorrect Rendering of Google Maps

Mozilla pushed today the second maintenance release of its stable Firefox 37.0 web browser to Linux, Windows, and Mac OS X users worldwide, available for download right now via the application’s built-in updater. Read more

Linux-friendly COM Express triplets embed Intel Bay Trail SoCs

When we saw the announcement for the CEM841 COM Express Type 2, we noticed that Axiomtek had already listed two other very similar new COM Express modules — the CEM842 and CEM843 — as “coming soon.” The CEM841 and CEM842 each offers a choice of dual- or quad-core Intel Celeron system-on-chip from the same 22nm Bay Trail generation as the Atom E3845 used by the CEM843. The CEM841 uses the 125 x 95mm COM Express Type 2 Basic format, while the other two modules adopt the 95 x 95mm COM Express Type 6 form factor. The modules specifically support Linux Ubuntu and CentOS, but other mainstream Linux variants should work fine. Read more

FEDORA WORKSTATION: MORE THAN THE SUM OF ITS PARTS

Anyway, I thought this could be a good opportunity to actually ask the wider community a question, especially if you are using GNOME on another distribution than Fedora, what are we still missing at this point for you to consider making a switch to Fedora Workstation? I know that for some of you the answer might be as simple as ‘worn in shoes fits the best’, but anything you might have beyond that would be great to hear. I can’t promise that we will be able to implement every suggestion you add to this blog post, but I do promise that we will review and consider every suggestion you provide and try to see how it can fit into development plans going forward. Read more