Posted Aug 6, 2008 20:47 UTC (Wed) by boog (subscriber, #30882)
Parent article: The TALPA molehill
"Normally, in the Linux world, the way we respond to knowledge of a
specific vulnerability is to patch the problem rather than scan for
Our editor's point here is key. It is hopeless to "enumerate badness"
(e.g. http://www.ranum.com/security/computer_security/editorial... )
Scanning for exploits is always going to be a lost cause - viz windows
security and the ineffectiveness of the whole anti-malware industry.
However, as suggested, there are a few situations where the mechanism
might be temporarily useful.