Original URL: http://www.theregister.co.uk/2013/09/30/hd_more_seeks_crowd_help_for_vuln_scanning/

Metasploit creator seeks crowd's help for vuln scanning

Project Sonar combines tools, data and research

By Richard Chirgwin

Posted in Security, 30th September 2013 00:31 GMT

Security outfit Rapid7 has decided that there's just too much security vulnerability information out there for any one group to handle, so its solution is to try and crowd-source the effort.

Announcing Project Sonar, the company is offering tools and datasets for download, with the idea that the community will provide input into the necessary research.

The brainchild of Metasploit creator HD Moore, the aim of Project Sonar is to scan publicly-facing Internet hosts, compile their vulnerabilities into datasets, mine those datasets, and share the results with the security industry.

Even though there's widespread insecurity across the Internet, Rapid7 says “at the moment there isn’t much collaboration and internet scanning is seen as a fairly niche activity of hardcore security researchers.

“We believe that the only way we can effectively address this is by working together, sharing information, teaching and challenging each other. Not just researchers, but all security professionals.”

None of the tools HD Moore's blog post lists are brand-new: they're familiar names like ZMap (led by the University of Michigan), Nmap and MASSCAN. The first three datasets Rapid7 collected for the project cover IPv4 TCP banners and UDP probe replies; reverse DNS PTR records; and SSL certificates.

Moore told SecurityWeek it's the size of the datasets that demands a crowd approach: “If we try to parse the data sets ourselves, even with a team of 30 people, it would take multiple years just to figure out the vulnerabilities in the data set,” he said. ®