Bugtraq mailing list archives
Re: PINGWARE
From: newsham () wiliki eng hawaii edu (Timothy Newsham)
Date: Wed, 10 Aug 1994 11:31:10 -1000 (HST)
Jason, Tools like COPS and RAXCO Unix Security Toolkit are tools that take a snapshot of the system security and the output advises the operator about the what it thinks is wrong or if somethings changed, etc.. I was told that
cops and raxco (raxco is based on cops) do more than one type of testing. What you describe is what the tripwire program does. COPS does this as well I believe but COPS will also look for certain bad configurations that would let an intruder do naughty things.
PINGWARE is a tool that is used for penetration testing (i.e., it circumvents the target systems security and reports back.). Or is this a tool where you have to install an agent on the machine you need to analyse and it comes back and reports on things like guessed passwords, improper file and directory permissions, exported file systems, etc.?
PINGWARE is similar to COPS in that it will look for bad configurations and report back to you. PINGWARE does its work, however, by connecting to services over tcp/ip. It checks things like what version of sendmail you are running. The ISS program also works along these lines. The original version is freely available and was posted to one of the comp.sources groups. The current version of ISS is a commercial product.
| dagostin () killerbee jsc nasa gov (713-282-3717) |
Current thread:
- PINGWARE bukys () cs rochester edu (Aug 04)
- <Possible follow-ups>
- Re: PINGWARE Jason Prondak (Aug 08)
- possible holes in IRIX administration programs? Steve Kotsopoulos (Aug 10)
- Re: PINGWARE John D'Agostino (Aug 10)
- Re: PINGWARE Timothy Newsham (Aug 10)