[fuzzing] fuzzing MMS and other application
demottja at msu.edu
Mon Feb 19 11:19:35 CST 2007
Yadab Das wrote:
> I want to do fuzz testing on MMS (communication protocol) and on some
> application. Now there is two type of fuzz testing (from my
> 1) Protocol Fuzz testing (Special for network protocols)
> 2) Application Input fuzz testing.
Um, Ari and I will have a book for you to read someday. Actually,
anything that accepts input can be fuzzed (tested for robustness).
Fuzzing is simply supplying semi-invalid data, instead of the "normal"
or expected input. The reason various "categories" of fuzz tools are
created stems from a couple things: First, the practical method by which
data is delivered to a network application tends to differ from that of
a local application. Also API fuzzing (giving library routines, or
unknown functions unexpected arguments) in real time may require
grey-box skillz, etc. Second, the process, strategy, or methodology
varies. Similar to how some people believe that Linux is the only
"real" OS, while others prefer Windows. In truth, there is room enough
in the world for both. Of the two major categorizes in attack surface
testing (fuzzing) one leans more toward stochastic processes
(randomness) and the other relies more on determinism (structured,
numbered, labeled, pre-engineered test cases.) The former is better at
discovered corner cases, while the later tends to more cleanly integrate
into formal processes like regression testing because of it's ability to
create a "baseline". So a key question becomes your intent. Do you
want to find a weird bug that no one else may have found, or are you
trying to engineer or use products that should function correctly 98% of
the time? Ether way, testing, rather it be partial or complete, is a
large undertaking. Unfortunately, it seems to be a field lacking in
solid metrics, and filled with misconceptions. To build or to buy?
Depends on a lot of things. Either way, effectiveness and cost will
largely be measured in terms of skilled employees. But I feel like I'm
digressing ... :)
> Can some one suggest me the tools that i can use for the categories?
For a free one check out: http://www.appliedsec.com/developers.html.
I've got some newer stuff I'll release late this year.
> I have been visiting all the web sites, SPIKE, Scratch, peach and all
> the tools site. I want to develop (integrate) fuzz testing mechanism
> for MMS (Manufacturing Message Specification - Network communication
> protocol). Please suggest me some tools to start with.
> If some one is developing something like this, i would like to collaborate.
> Best regards
> Yadab das
> fuzzing mailing list
> fuzzing at whitestar.linuxbox.org
More information about the fuzzing