Pingware info - was "Re: newbie intro"

adamsb@un.org
Mon, 27 Feb 95 15:45:52 EST

For those who sent e-mail, sorry I didn't include enough information
about Pingware.  Pingware is a commercial product from Bellcore, which
employs the hacking techniques that Bellcore employees have observed
as being widely used.  It is more aggressive than ISS (which we also
use).  Pingware is usually noticed whereas ISS often isn't.

It is sold with two different prices: one includes consulting to
interpret the results, the other price does not include consulting.
As a simple country boy who only learned to read the road signs that
lead away from the farm (really was a hog farmer), I bought
Pingware with consulting then found I didn't really need the
consulting.

The Bellcore contact is June Ralph, (908) 699 4647, who did a very
convincing demo for us.  We had spent a month tightening up a machine
we planned to put on the Internet.  June installed Pingware on a
nearby machine and it promptly stole the password file from the
machine we had just finished tightening up.  However, it was not able
to crack any passwords because we were using pass phrases.

Using various software packages including Pingware to routinely check
the security of every Unix box we can find on our network has provided
some surprising results.  Several times, secure machines got a
software upgrade and the software upgrade included a Guest account
with no password or a mail account with no password, that had not been
there before and was not mentioned anywhere in the upgrade
documentation.

If all this sounds like I know what I'm talking about, don't let that
fool you.  I simply read everything I could get on computer and
network security from CERT, SRI, NSA and CIAC.


                           Hog Farmer
                           Tropical Hog Improvement Programme
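
The routine check described in the message above (a Guest or mail account with no password appearing after a software upgrade) can be sketched as a baseline comparison. This is an added example, not part of the original post and not how Pingware or ISS work; the function names, file names and sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a passwd(5)/shadow(5)-style file against a baseline
# snapshot taken before an upgrade. Both formats keep the password in
# field 2, and an empty field 2 means the account has no password.

# audit_accounts BASELINE CURRENT   (hypothetical helper name)
# Prints one finding per line:
#   NEW-NOPASS <name>  account not in baseline, empty password field
#   NOPASS <name>      account was in baseline, password field now empty
#   NEW <name>         account not in baseline, password field set
audit_accounts() {
    awk -F: '
        $0 ~ /^[ \t]*$/ || $0 ~ /^[ \t]*#/ { next }    # skip blanks/comments
        FILENAME == ARGV[1] { known[$1] = 1; next }    # remember baseline names
        {
            isnew = !($1 in known)
            if ($2 == "") {
                tag = isnew ? "NEW-NOPASS" : "NOPASS"
                print tag, $1
            } else if (isnew) {
                print "NEW", $1
            }
        }
    ' "$1" "$2"
}

# Constructed sample data: "after" simulates an upgrade that blanked the
# mail account password and added a guest account with no password.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/before" <<'EOF'
root:x:0:0:root:/root:/bin/sh
alice:x:1001:100::/home/alice:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
EOF
    cat > "$dir/after" <<'EOF'
root:x:0:0:root:/root:/bin/sh
alice:x:1001:100::/home/alice:/bin/sh
mail::8:8:mail:/var/mail:/bin/sh
guest::405:100:guest:/tmp:/bin/sh
EOF
    audit_accounts "$dir/before" "$dir/after"
    rm -rf "$dir"
}

demo
```

Saving a baseline copy before each upgrade and running the comparison afterwards surfaces accounts the upgrade documentation does not mention.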