Rootkit Detection Program [info]

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Christopher Klaus: "S3"
• Previous message: Jay J. Kahn: "Workshop on Information Technology - Assurance and Trustworthiness"

We are building a System Security Scanner (S3) that audits machines.
It looks for vulnerabilities in Unix.  We have added MD5 checksum
tests for looking for unpatched binaries as well as rootkit programs.

We currently have tested for Linux rootkit and SunOs rootkit.  There is
tests looking for other hacking signatures and intrusions.  Like testing
for sniffers and hidden files.

We are looking for people to test this software and give us feedback.
You can download the software on ftp.iss.net/sss 

This software currently works under Sun, Solaris, Linux.  We have working
on an AIX and HP version as well.

I would also like to see if other people on this list think these tests
are valuable to audit for.


thanks,
chris

-- 
Christopher William Klaus            Voice: (404)252-7270. Fax: (404)252-2427
Internet Security Systems, Inc.                        "Internet Scanner finds
Ste. 115, 5871 Glenridge Dr, Atlanta, GA 30328     your network security holes
Web: http://iss.net/  Email: cklaus@iss.net            before the hackers do."

• Next message: Christopher Klaus: "S3"
• Previous message: Jay J. Kahn: "Workshop on Information Technology - Assurance and Trustworthiness"