Re: help needed with DotGNU security review (was Re: ..researchers org..)

To: Norbert Bollow <nb@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: help needed with DotGNU security review (was Re: ..researchers org..)
From: Crispin Cowan <crispin@xxxxxxxxxxx>
Date: Fri, 21 Nov 2003 20:38:45 -0800
Cc: bugtraq@xxxxxxxxxxxxxxxxx, Sardonix Security Auditing <sardonix@xxxxxxxxxxx>
In-reply-to: <20031121155626.B8B9E2C551@xxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <8B32EDC90D8F4E4AB40918883281874D0BB04F@xxxxxxxxxxxxxxxxxxxxxxxxxx> <3FBBEB1C.9040109@xxxxxxxxxxx> <20031121155626.B8B9E2C551@xxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030701

Norbert Bollow wrote:

How should I go about trying to find people who are skilled in the
area of finding security bugs, and who would be willing to have a
good look at key components of DotGNU (see http://dotgnu.org ) before
they're widely deployed?

This is what Sardonix was designed to do. I cannot assure that you willget a taker, but I suggest a post to the sardonix mailing list would help.

Hint: subscribe to the list first. The list is configured to moderatenon-subscriber posts, and I'm killing off about 25 spams a day now, so alegit non-subscriber post could get lost in the shuffle.


Crispin

--
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
           http://www.immunix.com/shop/

References:
- Security researchers organization
  - From: Thor Larholm
- Re: Security researchers organization
  - From: Crispin Cowan
- help needed with DotGNU security review (was Re: ..researchers org..)
  - From: Norbert Bollow

Prev by Date: Re: [aadams@xxxxxxxxxxxxxxxxx: Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation]
Next by Date: Opera directory traversal and buffer overflow
Previous by thread: help needed with DotGNU security review (was Re: ..researchers org..)
Next by thread: Re: Security researchers organization
Index(es):
- Date
- Thread