Along with news of new nasty virii comes word that Metasploit, an open source tool for creating exploits and testing them against your system (to make sure that it is secure) has been released.
Get your copy here.
The new version features an expanded library of custom-made exploits and payloads, usable against Windows, Linux and some Unix variants. It also has a new, clean user interface so it takes just a few clicks to run an exploit against a target system.
eads to our question of the day.
Is this a good thing?
On the one hand, it's a very good thing. Security managers need this kind of tool to protect their systems, and having it available in an open source format means the budget is no object. (It also means they can participate in creating improvements, which in turn can be shared, for such is the nature of open source.)
On the other hand, tools that can do powerful good can also do powerful harm, and in the wrong hands Metasploit can bring us a new horde of script kiddies, ratcheting up the pressure on security people (and the rest of us) still further.
We report, you decide.