home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Unix System Administration Handbook 1997 October
/
usah_oct97.iso
/
index
/
cops.txt
< prev
next >
Wrap
Text File
|
1997-09-22
|
3KB
|
84 lines
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INDEX ENTRY FOR COPS:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Name: COPS - Checks for system security problems
Version: 1.04+
Author(s): Dan Farmer <zen@trouble.org>
With many additional contributors
On the CD-ROM in: security/cops.tar
Ftp source: archive.cis.ohio-state.edu:/pub/cops
Size on the CD: 492 KB (compressed)
Description:
COPS is a static security checking tool that checks common
(mostly) procedural problems of a UNIX system. It basically takes
a snapshot of a system, and then generates a report of its
findings. On a purely empirical basis, over the years it has
successfully discovered problems that could compromise root on
more than 3/4 or more of the systems I've run it on; of course,
the idea here is not to break root, but to let someone fix the
problems it shows. Note, of course, that it gives info
indiscriminately, to whoever runs it. Decide if you do or don't
want to learn about the information it can give about your system,
but remember -- someone else probably already has it.
-- Quoted from cover_letter by Dan Farmer in the cops_104 distribution.
Advertised architectures:
p.s. Just for snix, here are some of the machine/OS's I know this
sucker works on; far and away the most common problem was getting that
stupid password cracking program to compile, followed by systems without
the -ms package to nroff. Some minor problems with config files -- I
*think* these are all ok:
DECstation 2100, 3100, 5000, Ultrix 2.x, 3.x, 4.x (Ultrix is braindead.)
Sun 3's, 4's (incl. Solbourne and clones) -- 3.x, 4.x
Gould 9080 Powernode, hacked up Gould OS (whatever it is)
sequent S-87 symmetry, dynix V3.x (both att & bsd universes; att required
"BRAINDEADFLAGS = -lcrypt" to be uncommented.
ETA-10P, Sys V R3 based
Convex boxes, all types, OS's (up to 9.x, the most recent)
Apollo dn3000 & dsp90, Domain SR 9.7, 10.x (see "readme.apollo")
Vax 11/780, 4.x BSD (Mt. Xinu, tahoe and stock)
Vaxstation, MicroVax, Vax 6320 & 8800, Ultrix 2.x, 3.x, 4.x
HP900/370, HP-UX 6.x, 7.x
Cray 2 & Y-MP, UNICOS 5.x, 6.x
Amdahl 5880, UTS 580-1.2.3
SGI 2500's, IRIX GL 3.6
SGI 4D's, IRIX System V Release 3.x
'286 & '386 Boxes, running Xenix (see "readme.xenix")
AT&T 3B2 & 3B1, SysVR[3-4]
CADMUS box (R3000 & 68020 cpu), SysVR3.2
Pyramid, running 4.4c and 5.1a
Apple Mac IIci, running AUX 2.x. The "test -z" seemed broken on this,
but I only had a brief chance to test it out, but kuang didn't like it
as a result. I'll get a working version soon; everything seemed ok
(change the /etc/servers line in "misc.chk").
NeXT, 1.x
(password stuff is different on this machine, though; cracking is
strange. Diffs anyone? Also, /bin/test vs. shell builtin "test" is
*weird*.)
Multimax 320, 12 Processors, 64Mb Memory, Encore Mach Version B1.0c (Beta)
(no crypt(3) on this machine. Sigh.)
IBM rs6000, AIX 3.1 (DEADBEEF about sums it up.)
I've lost track of the others. If you have some bizarre piece of
hardware that you've run it on, I'd like to hear about it...
-- Quoted from README.1 by Dan Farmer in the cops_104 distribution.
Prerequisites: C Compiler and Perl > 3.18 (for Perl version)