[ISN] Tool copies hackers to detect flaws

From: InfoSec News (isnat_private)
Date: Sun Sep 09 2001 - 22:18:16 PDT

  • Next message: InfoSec News: "[ISN] NSF targets tech security"

    Saturday 8th September 2001 
    Mark Street, IT Week   
    New online tool uses AI to mimic hackers, but some experts question
    how effective it can really be
    UK firm ProCheckUp has developed an online tool to expose network
    security flaws by using artificial intelligence (AI) to mimic the
    actions of a hacker. However, experts question how successful the
    software will be at detecting security holes.
    Using an AI knowledge base, automated Web agents, protocol specialist
    programs, flaw verification and four levels of internal error
    correction, the ProCheckNet tool can bypass commercial
    intrusion-detection systems, penetrate firewalls, and evaluate the
    vulnerability of systems to denial of service (DoS) attacks, said the
    company. The tool then produces a report that alerts managers to
    potential security flaws and offers advice on how to fix them.
    Richard Brain, technical director of ProCheckUp, said that the tool
    was designed to provide a better alternative to scanners, which he
    said had become outdated. "They were largely developed in the
    mid-1990s," he said. "Protocols have grown a lot more complex since
    then. Our tool builds up a profile on a targeted server and refines
    its attacks."
    Commenting on the new tool, Graham Fisher of analyst firm Bloor
    Research argued that a better way for companies to secure their
    systems against malicious attacks would be to employ the services of
    an ethical hacker. Fisher said it was unlikely that ProCheckNet could
    be trained to work with all operating systems and platforms, and said
    that it would offer only a limited service if it could.
    "You would also need to question the quality of the knowledge base
    that has gone into this," said Fisher. "Hacking is not like playing
    chess, which is made up of a number of finites. It sounds like they
    are trying to model the infinite."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 00:28:19 PDT