start page | rating of books | rating of authors | reviews | copyrights
Book HomeBuilding Internet FirewallsSearch this book
PreviousNext

B.2. Analysis Tools

The tools in this category let you audit your system. Some perform audits and check for well-known security holes; others establish databases of checksums of all of the files in a system (to allow you to watch for changes to those files); some do both.

B.2.1. COPS
ftp://coast.cs.purdue.edu/pub/tools/unix/cops

COPS, by Dan Farmer, is the Computer Oracle and Password System, a system that checks Unix systems for common security problems (such as unsafe permissions on key files and directories).

B.2.2. Tiger
ftp://coast.cs.purdue.edu/pub/tools/unix/tiger

Tiger, by Doug Schales of Texas A&M University (TAMU), is a set of scripts that scan a Unix system looking for security problems, in the same fashion as Dan Farmer's COPS. Tiger was originally developed to provide a check of Unix systems on the A&M campus that users wanted to access from off campus. Before the packet filtering in the firewall could be modified to allow off-campus access to the system, the system had to pass the Tiger checks.

B.2.3. Tripwire
ftp://coast.cs.purdue.edu/pub/COAST/Tripwire

Tripwire, by Gene H. Kim and Gene Spafford of CERIAS at Purdue University, is a file integrity checker: a utility that compares a designated set of files and directories against information stored in a previously generated database. Added or deleted files are flagged and reported, as are any files that have changed from their previously recorded state in the database. Run Tripwire against system files on a regular basis. If you do, the program will spot any file changes when it next runs, giving system administrators information to enact damage control measures immediately.

B.2.4. SATAN
http://www.fish.com/~zen/satan/satan.html

SATAN, by Wietse Venema and Dan Farmer, is the Security Administrator Tool for Analyzing Networks. (If you don't like the name, it comes with a script named repent that changes all references from SATAN to SANTA: Security Administrator Network Tool for Analysis.) It was the first well-publicized scanning tool but is not being actively maintained.

B.2.5. SAINT

http://www.wwdsi.com

SAINT is a security scanning tool aimed at system administrators; it is an update to SATAN. According to the authors:

SAINT is the tool for System Administrators who are well versed in information security and want to maintain and configure security assessment tools within their own network environments.

PreviousHomeNext
B. ToolsBook IndexB.3. Packet Filtering Tools
Library Navigation Links

Copyright © 2002 O'Reilly & Associates. All rights reserved.