Google-based Vulnerability Scanner More Useful to Admins than Hackers
The Goolag vulnerability scanning tool announced by Cult of the Dead Cow (cDc) is reminiscent of SATAN, one of the first network vulnerability scanners. Some are concerned that script kiddies will use it to hack Web sites but it is even more useful to site administrators for finding holes in their security.
Sure, some attackers with little skill or new comers to Web site hacking may learn from this but the professionals that can do real damage have enough tools in their tool chest that they don't need this one. If you are a site admin with too little time and too many deadlines, a simple scanning tool that helps find vulnerabilities is welcome.
Promoting the scanner, cDc spokesperson said (via SC Magazine)
“We've seen some pretty scary holes through random tests with the scanner in North America, Europe and the Middle East,” Ruffin said in the statement posted on the group's website. “If I were a government, a large corporation or anyone with a large website, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious.”
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
