Tuesday, November 13, 2012
Washington Post insert explains Metasploit; McAfee founder forced on the lam overseas
On Tuesday November 13, 2012 the Washington Post included a “special report”, “Cybersecurity”, as a Section AA. The main news story is “Zero Day: Under Attack: Trojan horses, malware and other tools for the heist just a click away”, by Robert O’Harrow, Jr. The online version is titled “Hacking tool kits, available free online, fuel growing cyperspace arms race”, link here.
The main focus of the article is a site named Metasploit, which brands itself as “Penetration testing software”, and has perfect scores from website safety rating services, link here, and is associated with a security firm called Rapid7 (link).
Companies use this site to stress test their infrastructure from deliberate attacks, but the same “tools” are available free to anyone with an Internet connection.
But the same tools are easily available free to hackers and script kiddies
In another story, Bill McAfee, who founded McAfee, Inc. in 1989 as one of the first major anti-virus companies, is a person of interest for a slaying in Belize and is hiding out from police, whom he fears will slay him, according to media reports such as this story for Business Week by Adam Williams, link
In the mid 1990s, Norton was perhaps the leading company, but I recall a coworker who ran the corporate LAN describing Bill McAfee as dedicating himself to eliminating computer viruses. In the good old days, most computer viruses were spread by floppy disks and email attachments. Remember the Jerusalem virus? The Microsoft Word “concept virus”? By 2001, they had gotten much more serious. I remember the “Magister” virus at work just before 9/11. My machine didn’t get it, but many employees had their Windows 2000 or NT machines re-imaged. “This is the real thing” people said. It wasn’t.
McAfee does not (as of my discussion fiv emonths ago) have a good reputation with the Geek Squad, which has favored Kaspersky, Webroot, and Trend Micro, and even uses some special removal tools like Asquared and Spyware Doctor (see June 15, 2012).