Qualys Inc. on Monday unveiled a new free network-mapping tool that can deliver detailed information about any device connected to a given network. FreeMap is a Web-based graphical tool that essentially functions like a souped-up version of Nmap or any of the other network-discovery tools available on the Internet.
Anyone with an Internet connection and a valid e-mail address can simply fill out a form on the Qualys Web site and initiate a scan of any domain or address block. After filling out the form, the user will receive an e-mail that contains a Web link that will start the scan. The process takes a few minutes, depending on the size of the network, and produces a logistical map of the scanned network.
By hovering the mouse over any device on the map, the user can retrieve operating system and version data on the device. The map also lists each devices IP address. And, by right-clicking on a device, users can initiate a vulnerability scan on the device.
Needless to say, a free service with these kinds of capabilities is bound to be very attractive to crackers and others looking to probe vulnerable networks. Qualys officials say they have taken reasonable precautions—such as requiring a valid e-mail to register—against people using FreeMap for network reconnaisance. They also prevent anyone using a free e-mail service from doing a scan. But they also point out that a determined attacker wont be dissuaded so easily.
"Someone who really wants to get you has other ways to do that," said Gerhard Eschelbeck, CTO and vice president of engineering at Qualys, a vulnerability assessment company based in Redwood Shores, Calif. Eschelbeck introduced the tool at a roundtable discussion on security here. "Were giving this power to the good guys."
Latest Security News:
Search for more stories by Dennis Fisher.
Find white papers on security.