Search Engine News
  Home arrow Search Engine News arrow Page 2 - Get Fuzzy
SEO Chat Forums  
Choosing Keywords  
Google Optimization  
Link Trading  
MSN Optimization  
Search Engine News  
Search Engine Spiders  
Search Optimization  
Web Directories  
Website Marketing  
Website Promotion  
Website Submission  
Yahoo Optimization  
SEO Tools
Adsense Calculator
AdSense Preview
Advanced Meta-Tags
Alexa Rank Tool
Check Server Headers
Class C Checker
Code to Text Ratio
CPM Calculator
Domain Age Check
Domain Typos
Future PageRank
Google Dance
Google Keywords
Google Search
Google Suggest
Google vs Yahoo
Indexed Pages
Keyword Cloud
Keyword Density
Keyword Difficulty
Keyword Optimizer
Keyword Position
Keyword Typos
Link Popularity
Link Price Calculator
Meta Analyzer
Meta Tag Generator
Multiple Link Popularity
Page Comparison
Page Size
PageRank Lookup
PageRank Search
Robots.txt Generator
ROI Calculator 
S.E. Comparison 
S.E. Keyword Position 
Site Link Analyzer 
Spider Simulator 
URL Redirect Check 
URL Rewriting 
Moblin 
JMSL Numerical Library 
IBM® developerWorks 
Sun Developer Network 
SEO Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
SEARCH ENGINE NEWS

Get Fuzzy
By: Michael Lowry
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 5 stars5 stars5 stars5 stars5 stars / 2
    2007-12-05

    Table of Contents:
  • Get Fuzzy
  • Basic Techniques
  • Happening Now
  • Conclusion
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Get Fuzzy - Basic Techniques
    (Page 2 of 4 )

    Whether you're testing a software program, a website, etc., these steps can be applied comparably to each in order to discover what issues your code has that need to be fixed.

    First of all, you must take a correct or valid file or piece of data and change it to some kind of random data that will affect the program maliciously. It's possible to replace the entire file or just part of it randomly. A "fuzzer" can do one of two things: they can generate their own data through a process called "generation fuzzing," or they can take the data from an actual source and simply alter it in some way.

    During the fuzzing process, it's important to make sure all fuzzing occurs in the right components. The altered data must be directly fuzzed under the specific document rather than the structure itself. You merely want to test the application that consumes the data under its specific format/filetype. Testing the entire format will only affect the format verification code, so you need to make the necessary adjustments.

    The next step is to transfer the altered data to its specific destination. There are different ways that this can be done; large corporations that do vast amounts of programming might find it necessary to develop their own fuzz testing tools that transfer data to a wide range of applications. It has become widespread practice to make a record of the test data before initiating the fuzz test.

    The last step (this one is for the master problem solvers) is to see what happens. The most common disaster occurrences are crashes, CPU usage spikes, and memory spikes. A crash indicates a bug. This is dangerous because they are the most likely to be exploited. Instead of taking a chance and waiting see if it is exploitable, it's best to just fix the bug. A spike simply means that any malicious data might possibly discontinue service, so fix it!

    It is important not to try to go overboard with the fuzzing; stick with trying to find random crashes and spikes. Anything more would require customizing the test to specifically monitor whatever changes are being made to the data and/or software application. However, because most of the programs are being used by third parties, fuzz testing for bugs is still crucial.

    Next: Happening Now >>
     

    More Search Engine News Articles
    More By Michael Lowry


       · Interesting article. Thank you! It would be great if you can write about the...
       · Thank you for reading this article on fuzz testing for your website. If you have...
       · Thanks for the comment. I will definitely look into writing about some fuzz testing...
     
    >>> Post your comment now!

    SEARCH ENGINE NEWS ARTICLES

    - A Look at the SEO for Firefox Extension
    - Is the Future Chrome?
    - Full Sail Offers Online Internet Marketing D...
    - Microsoft Unveils BrowseRank, Google Feels a...
    - Using Qassia: An Intelligent Decision?
    - Qassia: Intelligent Link Building?
    - A Different Way to Search
    - Filtering the Internet
    - Explaining Social Media`s Friendship Ranks
    - Youlicit Invites Us to Rediscover Search
    - Google Sees Flash. So What?
    - Chat Comes Alive with Google`s Lively
    - A Cuil Search Engine is Born
    - Google Knol Takes Aim at Wikipedia, Others
    - Google`s Udi Manber Looks at Search
    Find More Search Engine News Articles




    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway
    Stay green...Green IT