Title: Host based security scanners

KBTAG: kben10000057
URL: http://www.securityportal.com/lskb/10000050/kben10000057.html
Date created: 17/07/2000
Date modified:
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic: Host based security scanners
Keywords: System

Summary:

There are a number of automated software packages that can scan your system for common problems.

More information:

Host scanners are software you run locally on the system to probe for problems. 

Cops

Cops is extremely obsolete and it’s original home on CERT’s ftp site is gone. This is mentioned for historical accuracy only.

Tiger

Tiger is still under development, albeit slowly, Texas Agricultural and Mechanical University used to require that a UNIX host pass tiger before it was allowed to connect to the network from offsite. You can get it from: ftp://net.tamu.edu/pub/security/TAMU/.

check.pl

check.pl is a nice Perl program that checks file and directory permissions, and will tell you about any suspicious or ‘bad’ ones (setuid, setgid, writeable directories, etc). Very useful but it tends to find a lot of false positives. It’s available at: http://opop.nols.com/proggie.html.