Description: Joshua Corman wrote a post entitled HD Moore's Law in which he raises some valid points around the fact that tools like Metasploit make it incredibly easy for anyone with little or no knowledge to be able to test a system for vulnerabilities. Naturally, the purpose of this or other such tools is to aid a security tester in finding these vulnerabilities. However, like any such tool, you cannot dictate if someone will use this for attack or defensive purposes.
The question then becomes whether your security defences have increased at the same rate? (hint the answer is no.) It's a relatively straightforward process with many tools to choose from that you can simply point and click to your systems and see if they can find some vulnerabilities. If they do, then you're in a bit of trouble because it means anyone with a computer and internet connection can also find the same vulnerability.
http://blog.cognitivedissidents.com/2011/11/01/intro-to-hdmoores-law/
www.J4vv4D.com
Tags: security , infosec , HD moore , joshua corman , script kiddies ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.