HOME

TheInfoList



Click Here for Items Related To - COPS (software)
OR:
COPS (software) on:   [Wikipedia]   [Google]   [Amazon]

The Computer Oracle and Password System (COPS) was the first
vulnerability scanner A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are utilized in the identification and detecti ...
for
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, a ...
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
s to achieve widespread use. It was created by Dan Farmer while he was a student at
Purdue University Purdue University is a public land-grant research university in West Lafayette, Indiana, and the flagship campus of the Purdue University system. The university was founded in 1869 after Lafayette businessman John Purdue donated land and ...
. Gene Spafford helped Farmer start the project in 1989.


Features

COPS is a
software suite A software suite (also known as an application suite) is a collection of computer programs (application software, or programming software) of related functionality, sharing a similar user interface and the ability to easily exchange data with eac ...
comprising at least 12 small vulnerability scanners, each programmed to audit one part of the operating system:COPS README.1 file * File permissions, including device permissions/nodes *
Password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
strength * Content, format, and security of password and group files (e.g.,
passwd passwd is a command on Unix, Plan 9, Inferno, and most Unix-like operating systems used to change a user's password. The password entered by the user is run through a key derivation function to create a hashed version of the new password, wh ...
) * Programs and files run in /etc/rc* and cron(tab) files * Root-SUID files: Which users can modify them? Are they
shell script A shell script is a computer program designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be scripting languages. Typical operations performed by shell scripts include file manip ...
s? * A cyclic redundancy check of important files * Writability of users' home directories and startup files * Anonymous FTP configuration * Unrestricted TFTP, decode alias in
sendmail Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet. A descendant of the ...
, SUID uudecode problems, hidden shells inside inetd.conf, rexd in inetd.conf * Various root checks: Is the current directory in the search path? Is there a plus sign ("+") in the /etc/host.equiv file? Are NFS mounts unrestricted? Is root in /etc/ftpusers? * Compare the modification dates of crucial files with dates of advisories from the
CERT Coordination Center The CERT Coordination Center (CERT/CC) is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center. The CERT/C ...
* Kuang expert system After COPS, Farmer developed another vulnerability scanner called SATAN ( Security Administrator Tool for Analyzing Networks). COPS is generally considered obsolete, but it is not uncommon to find systems which are set up in an insecure manner that COPS will identify.


References


External links


COPS
1989 software Linux security software Unix security-related software {{security-software-stub