Researchers Use "Fuzzing" to Find Security Flaws
When I attended Black Hat USA 2003 last month, several presenters mentioned "fuzzing" as a technique to find security vulnerabilities. As I understand it, fuzzing involves sending unexpected input to an application and monitoring its responses for signs of vulnerabilities. The most widely known tool is Dave Aitel's SPIKE. The PROTOS suite was famous for its discovery of SNMP weaknesses last year. The IP Stack Integrity Checker is another open source tool. There are alternatives to these tools in private use, and some offer other methods, like sofwtare from Greg Hoglund's HBGary, to find similar weaknesses.