Wednesday, July 11, 2007
Almost ready for eescan
Update - For more information see http://www.eescan.net
All of the upgrades went smoothly and now I've got the colo ready for some eescan action. I was able to add some dedicated IP addresses to my machine and some precious disk space.
You might be asking what this whole eescan thing is all about. Well I guess you'll just have to come to the talk at DEFCON to find out. Here's the abstract:
All of the upgrades went smoothly and now I've got the colo ready for some eescan action. I was able to add some dedicated IP addresses to my machine and some precious disk space.
You might be asking what this whole eescan thing is all about. Well I guess you'll just have to come to the talk at DEFCON to find out. Here's the abstract:
With this presentation we will demonstrate a new tool called eescan that automates extrusion and exploitability scanning using a client/server approach. Eescan will be released under the GPL and utilizes python to create an extensible framework for testing extrusion and exploit defenses.
All network security systems have gaps. Layered security tries to cover the gaps with overlapping protections like firewalls, intrusion prevention, proxies and other mechanisms. How do you really know where the gaps are before the weeds grow through? Vulnerability assessment tools scan for vulnerable systems from an attackers perspective. This technique has value but fails to represent the risk posed by client application usage and attacks. They also fail to assess extrusions - the traffic content allowed to leave a network.
Extrusion and exploitability scanning attempts to find these gaps using an automated scanning framework. The scanning techniques simulate user and attacker behavior from the client perspective to holistically measure the amount of risk in a given security system.
Subscribe to Posts [Atom]