Linked by David Adams on Tue 3rd Aug 2010 17:12 UTC, submitted by HAL2001
Privacy, Security, Encryption In this video recorded at Black Hat USA 2010, Patrick Thomas, a vulnerability researcher at Qualys, discusses the open source web application fingerprinting engine BlindElephant he created. BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded. It doesn't check for vulnerabilities or vulnerability to a particular exploit, but rather what version of applications are running on their site. For each application that the tool will support, BlindElephant consumes a number of version directories. All files and directories are processed, and a hash is computed for each file. This hash is stored in a temporary table, along with the path and version of the application it came from. Accuracy of the tool was demonstrated by a large-scale survey on Internet-visible hosts.
Order by: Score:
whats the difff
by dacresni on Thu 5th Aug 2010 02:23 UTC
dacresni
Member since:
2009-08-26

whats the difference between this and Tripwire and other Intrusion Detection systems?

Reply Score: 1

RE: whats the difff
by HAL2001 on Thu 5th Aug 2010 12:56 UTC in reply to "whats the difff"
HAL2001 Member since:
2009-12-17

The difference is - this not an intrusion detection system ;)

Reply Score: 1