
Internet Security Scanner, description



Just in case you think your machine on the Internet is secure enough for
remailers, storing private files, etc., here's the author's description
from the source code shell archive as posted to comp.sources.misc.
It would be a big confidence booster if remailer sites demonstrate
that they have passed ISS and other Internet security tests.
----------------------
Internet Security Scanner (ISS) is one of the first multi-level security
scanners available to the public.  It was designed to be flexible and easily
portable to many unix platforms and do its job in a reasonable amount of
time.  It provides information to the administrator that will fix obvious
security misconfigurations.

ISS does a multi-level scan of security, not just searching for one
weakness in the system.  To provide this to the public or at least to the
security conscious crowd may cause people to think that it is too dangerous
for the public, but many of the (cr/h)ackers are already aware of these
security holes and know how to exploit them.

These security holes are not deep in some OS routines, but standard
misconfigurations that many domains on Internet tend to show.  Many of these
holes are warned about in CERT and CIAC advisories.  This is the first
release of ISS and there is still much room for improvement.

ISS is a project that I started as I became interested in security.  As I
heard about (cr/h)ackers breaking into NASA and universities around the
world, I wanted to find out the deep secrets of security and how these people
were able to gain access to expensive machines that I would think were
secure.  I searched Internet for relative information, such as Phrack and
CERT advisories.

Most information was vague and did not explain how intruders were able to
gain access to most systems.  At most the information told administrators to
make password security tighter and to apply the vendor's security patches.
They lacked real information on how an intruder would look at a site to try
to gain access.  Having talked with security experts and read CERT
advisories, I started trying to look for various security holes within my
domain.

To my surprise, I noticed that many of the machines were adequately secured,
but within a domain there remained enough machines with obvious holes that
anyone who wanted into any machine could attack the weak 'trusted' machine and
from there could gain access to the rest of the domain.  From this project, I
have not learned any new deep secret to cracking systems, but that with the
right tools most domains on Internet are insecure.  These holes will not be a
surprise to any advanced intruder, but with this tool administrators will be
able to quickly search for obvious holes and prepare to fix them.