A security consultant is developing a search engine called NKill that aims to track the security vulnerabilities on every computer connected to the Internet, with the ability for users to search for vulnerable computers in a country or inside a specific company.NKill, which currently covers all .com, .org and .net domain names, will be made available to the public within one month or so, said Anthony Zboralski, founder of Bellua Asia-Pacific, speaking Wednesday at the Hack In The Box Security Conference in Dubai. Compiling a record of all of the vulnerabilities on every computer requires a TCP port scan of the entire Internet, a process that can take between eight and 16 hours using a 100M bps connection, Zboralski said. These scans return detailed information, called banners, that include the version numbers of operating systems and applications that are running on each computer or server. While this information allows researchers to determine what vulnerabilities the computers have, it doesn't tell them who owns the computer. "The main problem with scanning the Internet is that you end up with a bunch of IP addresses, but if you want to know if one of your customers is using one of these addresses it's really difficult," Zboralski said. "We could scan the entire Internet, but we didn't know which companies were vulnerable." NKill solves this problem by matching IP addresses with domain names and the companies that use them. The database currently includes 102 million domain names and is updated daily. Users can search the database for computers with a specific vulnerability or search by company to identify vulnerabilities that affect its computers. The database also tracks how vulnerabilities change over time, giving users a way to see how companies patch and maintain their systems over time or compare the level of computer security between different companies, Zboralski said. Down the road, Zboralski hopes to make NKill an open-source project and plans to add more features, such as an iPhone application for mobile access and an API (application programming interface) that allows NKill to be integrated with other tools. He's also looking for a way to integrate whois data with NKill that would allow researchers to have a more detailed picture of all of the domains operated by a company or government. "It would also be cool to show where the machines are using Google Maps," he said, adding that he's looking for volunteers to help out with the project.
Most Popular Reviews
- 1 Google Pixel XL full, in-depth smartphone review: Phones just got smarter
- 2 Sony Xperia XZ review: turbo-charged last-gen phone
- 3 Sony X9300D and X8500D UHD 4K TV review
- 4 Hisense Series 7 ULED 4K UHD TV review
- 5 Moto X Force review: Leading features from a mid-range phone
Latest News Articles
- Apple sales, profits fall again but a brighter outlook ahead
- AWS quietly launches tool for migrating on-premesis apps to the cloud
- Intel wants to make its IoT chips see, think, and act
- Workstation software flaw exposes industrial control systems to hacking
- Critical account creation flaws patched in popular Joomla CMS
GGG Evaluation Team
First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.
For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.
The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.
The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.
My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.
- Google Pixel XL full, in-depth smartphone review: The new best Android phone
- Japan Robot, gadget and car expo slideshow
- Panasonic DX900U UHD 4K smart TV review: Best all-round TV ever?
- What's the difference between an Intel Core i3, i5 and i7?
- Laser vs. inkjet printers: which is better?
- TPBusiness Analyst/Data Analytics ConsultantVIC
- FTFront End Developer / UXNSW
- CCBusiness Analyst- (MQC, QTP, BPMN, Visio or System Architect;NSW
- FTMicrosoft Dynamics AX Functional Consultant Advanced Warehouse ManagementSA
- TPSenior Business AnalystNSW
- CCContract Management SpecialistNSW
- CCBase24 DeveloperNSW
- FTSystems SpecialistNSW
- FTSenior Service Delivery ManagerVIC
- TPNetwork and Voice EngineerVIC
- CCIT Manager - ANZNSW
- FTLinux AdministratorNSW
- CCIteration Manager - Telco - Melbourne CBDVIC
- CCMicrosoft AX Support AnalystsQLD
- FTWebSphere MQ Application SupportQLD
- CCTest Analyst : AutomationNSW
- FTJunior Java DevelopersACT
- FTFront End Web DeveloperVIC
- CCContract Junior Programmer (PC LAN Support) 161028/JP/203Asia
- FTLua DeveloperVIC
- CCWeb Content EditorQLD
- CCHuman Sciences Professional - DefenceSA
- CCSAP BPC Developer - MelbourneVIC
- FTJava Developer - Canberra RoleNSW
- FTMid-Level .NET DeveloperVIC