eEye Digital Security Papers
CHAM (Common Hacking Attack Methods) and its use in Retina the Network Security Scanner.
eEye Digital Security incorporates its proprietary CHAM technology in most of its products. In this paper we focus on the use of CHAM in Retina, the Network Scanner. For many clients, CHAM provides a level of value added unmatched by any security product in the market.
Normal Scanner Function
These vulnerabilities typically relate to various operating systems and widely distributed software. They are discovered by security software R&D houses such as eEye Digital Security, and thousands of black and white hat hackers around the world.
These custom and uncommon software products have typically not gone through the scrutiny of thousands of hackers probing and testing them like most operating systems and common software products. Vulnerabilities associated with them have not been discovered, posted and updated on the Retina database (nor competitor scanners of course). These custom and uncommon software products may be a door wide open to a hacker who finds them.
CHAM Thinks Like A Hacker
Retina learns as much information as possible about your network from the scan and then uses that information to discover unknown vulnerabilities in your network. This is the artificial intelligence piece of the software. Based on the gathered information, Retina CHAM then performs various hacking attacks on several protocols that you may pre-select in the Policies menu (FTP, POP3, SMTP, HTTP). The attacks include overflows, format string attacks, path attacks, munged byte attacks, among others. This is how a hacker would likely attack your network!
CHAM Vulnerability Procedure
Note: eEye reserves the right on how to respond to CHAM vulnerability reports. If you custom build a piece of software that generates tons of CHAM vulnerabilities, we (eEye) may just send you an email advising to hire new software engineers!
When Should You Use CHAM
CHAM provides a level of network security expertise that you do not find in most companies. It is a valuable tool that allows you to dramatically improve the security level of mission-critical network servers and workstations. We certainly use it all the time on applications eEye Digital Security develop!
All trademarks are property of their respective owners or holders. Information subject to change without notice
Copyright © 2000 - 2015 AMT Software. All rights reserved.