U.S. Department of Energy Computer Incident Advisory Capability

Unix Tools


System Monitoring Tools

COPS
Check Promiscuous Mode (cpm)
ifstatus
Internet Security Scanner (ISS)
Merlin
RIACS Intelligent Auditing and Categorizing System
Spar
SPI-Net
Swatch
Tiger
Tripwire
Watcher

COPS

The Computer Oracle and Password System (COPS) package from Purdue University. Examines a system for a number of known weaknesses and alerts the system administrator to them; in some cases it can automatically correct these problems.



Check Promiscuous Mode (cpm)

The cpm program from Carnegie Mellon University. Checks a system for any network interfaces in promiscuous mode; this may indicate that an attacker has broken in and started a packet snooping program.



ifstatus

The ifstatus program by Dave Curry. Checks a system for any network interfaces in promiscuous mode; this may indicate that an attacker has broken in and started a packet snooping program. Designed to be run out of cron.



Internet Security Scanner (ISS)

The iss program by Christopher Klaus. A multi-level security scanner that checks a UNIX system for a number of known security holes such as problems with sendmail, improperly configured NFS file sharing, etc.



Merlin

Merlin is the work of CIAC. It is a tool for managing and enhancing existing security tools. It can provide a graphical front-end to many popular tools, such as SPI-Net, Tiger, COPS, Crack, and Tripwire. Merlin makes these tools easier to use, while at the same time extending their capabilities.



RIACS Intelligent Auditing and Categorizing System

The RIACS Intelligent Auditing and Categorizing System, from the Research Institute for Advanced Computer Science. A file system auditing program that compares current contents against previously-generated listings, and reports differences.



Spar

The spar program, for showing process accounting records. Much more flexible and powerful than the standard UNIX utilities such as lastcomm.



SPI-Net

Security Profile Inspector for Networks (SPI-Net) is the work of the Computer Security Technology Center (CSTC). SPI-Net provides a suite of security inspections for most Unix systems at the touch of a button. The SPI-Net software product is available free of charge to all U.S. Government agencies.



Swatch

The Swatch package by Stephen Hansen and Todd Atkins. A system for monitoring events on a large number of systems. Includes modifications to certain programs to enhance their logging capabilities, and software to then monitor the system logs for "important" messages.



Tiger

The tiger package of system monitoring scripts. Similar to COPS in what they do, but significantly more up to date, and easier to configure and use.



Tripwire

The Tripwire package from Purdue University. Scans file systems and computes digital signatures for the files therein; these can be used later to check those files for any changes.



Watcher

The Watcher package by Kenneth Ingham. A configurable and extensible system monitoring tool that issues a number of user-specified commands, parses the output, checks for items of significance, and reports them to the system administrator.



Last modified: Thursday, 27-Mar-97 15:40:58 PST
CIAC / webmaster@ciac.llnl.gov