Devinco
July 14th, 2006, 09:40 PM
If this already exists, let me know where to sign up.
This service would be able to answer these difficult questions:
I updated Windows for the xyz exploit and now I installed a program that may have installed xyz related components that could re-expose the vulnerability, how do I know if it is still securely patched?
Is alternate media viewer X also vulnerable to media exploit A?
It would also be able to answer the Magic Bytes Question. (http://www.wilderssecurity.com/showthread.php?t=137120) ;D
The service would be a complete resource of all known exploits for a particular OS. The exploits would only be available as benign versions for subscribers so people could test if their system was vulnerable without doing harm to the system. The exploits could be tested individually, or a scanner type system could be developed that would test each exploit in sequence and generate a report. It would also provide instructions where to go and what to do to fix/update/patch the vulnerability. As many of these exploits have online aspects, some online type exploit scanner(s) would be needed also.
Unlike services like HackerWhacker, this service would be geared towards exploits of the local computer instead of a web server.
This would be no simple task, but the renewable subscription could be done per computer like antivirus.
If the service itself could not provide complete coverage of the exploits, it should at least have links to exploit tests it is missing.
It would need to be trustworthy.
There are assorted vulnerability scans scattered here and there, but nothing comprehensive.
It would need a good name that would widen the market for the service and make it easy to understand for the average person.
Whaddayathink?
This service would be able to answer these difficult questions:
I updated Windows for the xyz exploit and now I installed a program that may have installed xyz related components that could re-expose the vulnerability, how do I know if it is still securely patched?
Is alternate media viewer X also vulnerable to media exploit A?
It would also be able to answer the Magic Bytes Question. (http://www.wilderssecurity.com/showthread.php?t=137120) ;D
The service would be a complete resource of all known exploits for a particular OS. The exploits would only be available as benign versions for subscribers so people could test if their system was vulnerable without doing harm to the system. The exploits could be tested individually, or a scanner type system could be developed that would test each exploit in sequence and generate a report. It would also provide instructions where to go and what to do to fix/update/patch the vulnerability. As many of these exploits have online aspects, some online type exploit scanner(s) would be needed also.
Unlike services like HackerWhacker, this service would be geared towards exploits of the local computer instead of a web server.
This would be no simple task, but the renewable subscription could be done per computer like antivirus.
If the service itself could not provide complete coverage of the exploits, it should at least have links to exploit tests it is missing.
It would need to be trustworthy.
There are assorted vulnerability scans scattered here and there, but nothing comprehensive.
It would need a good name that would widen the market for the service and make it easy to understand for the average person.
Whaddayathink?