Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Tool copies hackers to detect flaws

From: InfoSec News <isn () c4i org>
Date: Mon, 10 Sep 2001 00:18:16 -0500 (CDT)
http://news.zdnet.co.uk/story/0,,t269-s2094843,00.html

Saturday 8th September 2001 
Mark Street, IT Week   

New online tool uses AI to mimic hackers, but some experts question
how effective it can really be

UK firm ProCheckUp has developed an online tool to expose network
security flaws by using artificial intelligence (AI) to mimic the
actions of a hacker. However, experts question how successful the
software will be at detecting security holes.

Using an AI knowledge base, automated Web agents, protocol specialist
programs, flaw verification and four levels of internal error
correction, the ProCheckNet tool can bypass commercial
intrusion-detection systems, penetrate firewalls, and evaluate the
vulnerability of systems to denial of service (DoS) attacks, said the
company. The tool then produces a report that alerts managers to
potential security flaws and offers advice on how to fix them.

Richard Brain, technical director of ProCheckUp, said that the tool
was designed to provide a better alternative to scanners, which he
said had become outdated. "They were largely developed in the
mid-1990s," he said. "Protocols have grown a lot more complex since
then. Our tool builds up a profile on a targeted server and refines
its attacks."

Commenting on the new tool, Graham Fisher of analyst firm Bloor
Research argued that a better way for companies to secure their
systems against malicious attacks would be to employ the services of
an ethical hacker. Fisher said it was unlikely that ProCheckNet could
be trained to work with all operating systems and platforms, and said
that it would offer only a limited service if it could.

"You would also need to question the quality of the knowledge base
that has gone into this," said Fisher. "Hacking is not like playing
chess, which is made up of a number of finites. It sounds like they
are trying to model the infinite."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: