Security Tools More Harmful Than Helpful?
soblasted writes "With the recent 2.0 release of the Metasploit Framework, people are wondering if security tools like it do more good than harm. This article attempts to answer the question. The legitimate use of the framework is for security researchers to use in exploit testing and development. It will run on any OS with Perl, and includes a CLI and web GUI, along with many ready to run exploits and payload modules. With HP also developing systems to preemptively attack their own networks, has this become acceptable?" This issue reminds me of the first release of SATAN and the uproar it caused.
Any tool can be used incorrectly.
Run ping -f to the wrong host and it's a DDoS attack, not a test of simple dropped packets.
Run Apache's tester, 'ab', to the wrong host and it's a DDoS attack, and not a test of a webserver.
Run X to the wrong host and it's a , not a
Do subsequent versions of Satan have fewer vulnerabilities? I.e., resistance to garlic, silver, crosses, upright pentagrams, white witches, holy water, Billy Graham etc.?
My hyperlinks aren't worth the paper they're printed on.
Having tools to help in identification of weaknesses is not a bad idea (one side) - OTOH - the same tools can also help a hacker use that information to exploit your system (other side). Not that they couldn't do it anyway -- but hey -- this is faster. It was stated in the article that "The problem today is that many organizations do not patch systems until a working exploit is released". How true this is, as well as the comment that "The bottom line is that exploits are not only useful but are (also) required for many types of legitimate work." Brings to mind some of the restrictions that are placed on useful processes such as the remote commands, snmp, and other features built into the OS. Nice to know where problems are so that they can be locked down ... but what if you really need them ...
i think the point made in the article that "this tool allows admins to play on the same level as the attackers" is a very valid point and should be paraded out in front of anyone who says "but this will only cause more attacks by making the attacks easier for the attackers to execute"
newsflash; even the l4m0r-est script kiddie has a plethora of tools like this (most of which are usually loaded with trojans and the like).
giving admins legit, supported and just plain better tools means that admins have the ability to check their systems' vulnerability easily. and an admin equipped with a tool for automating exploits has a better chance of stumbling across an exploit no one has found yet, because he hasn't spent all night checking for vulnerabilities earlier.
and if you see me strut, remind me of what left this outlaw torn...
I love how many people, especially the media, love to generalize any product that has the potential for misuse to be a sinister product...
Historically there are so many other examples, such as lockpick kits which are illegal in many states and countries, or are requiring licenses to use. Let's not forget the old Napster, or Kazaa or any other similar P2P, due to misuse, free use P2P is generalized into a piracy movement alone.
Which reminds me of a joke- A man is at his house during prohibition in the backcountry, when a sheriff comes by and notices that he has all the equipment laid out to make moonshine. Immediately the sheriff arrests the man, citing that having the materials to make moonshine is equivalent to having the contraband itself, though he saw no liquor on the premises. The arrested man takes a long pause, thinks about the situation, and states- "Well, I guess you should arrest me for rape too then, I got all the tools for that crime also!". Embarrassed, the sheriff released the man.
Metasploit is similar to Core Impact.
I'll gladly add this to my tools, without any cash outlay.
Want more security tools?
NMAP Port scanner from insecure.org
SATAN the aforementioned Security Admin Tool for Analyzing Networks.
TripWire for checking when someone's trying to access your system, and stopping them.
Shorewall a relatively easy to set up firewall-in-a-box for Linux.