David R. Saord, Douglas Lee Schales, and David K. Hess. The TAMU Security Package: An Ongoing Response to Internet Intruders in a Academic Environment. In Proceedings of the Fourth USENIX UNIX Security Symposium, October 1993.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....have been used, mainly because they cover most of the needs in this particular academic and research environment. The main set of tools used consists of COPS [FS90] TCP Wrappers [Ven92] Passwd [Bis95] Crack [Muf] TripWire [KS93, KS94a, KS94b] and SATAN [FV] although other tools (like Tiger [SSH93] S Key [Hal94, HA94] and the logdaemon suite [Ven] are also used. Experience has shown that, when need arises to diagnose a problem, the solution often comes after collecting information from more than one source, including, but not restricted to, the tools mentioned above. For example, to ....

Dave Safford, Douglas Lee Schales, and David K. Hess. The TAMU security package: An ongoing response to internet intruders in an academic environment. In Proceedings of the Fourth USENIX UNIX Security Symposium, pages 91--118. Usenix, October 1993. Program available at ftp://ftp.super.unam.mx/pub/security/tools/TAMU/.

.... programs and shell scripts that each attempt to detect different problem areas in Unix security (e.g. system directories with loose permissions and poor password files, among others) A similar tool developed by Texas A M University and called Tiger Scripts is based on the tiger team concept [13]. Tiger Scripts executes a set of scripts that scans Unix systems for common security vulnerabilities. It also performs checksums on system binaries to determine if critical system software has been changed between scans. Each of the tools summarized above performs post facto security analysis on ....

D.R. Safford, D.L. Schales, and D.K. Hess. The TAMU security package: An ongoing response to Internet intruders in an academic environment. In Proceedings of the Fourth Usenix UNIX Security Symposium, pages 91--118, Santa Clara, CA, October 1993.

....the views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the defense advanced research projects agency or the u.s. government. level vulnerabilities for a given site [2, 3, 9, 5]. These tools do not provide an assessment of an organization s vulnerability to novel threats against vulnerable software. Recognizing that 90 of military systems use commercial architectures [10] the problem of untrusted software becomes of critical importance to those concerned with ....

D.R. Safford, D.L. Schales, and D.K. Hess. The TAMU security package: An ongoing response to Internet intruders in an academic environment. In Proceedings of the Fourth Usenix UNIX Security Symposium, pages 91--118, Santa Clara, CA, October 1993.

....penetrate and patch tactics were the domain of elite security professionals and consultants whose methods and tools were as secretive as their services were expensive. More recently, many of their methods and tools have been captured in public domain security tools like Satan, COPS, ISS, and TAMU [2, 3, 7, 6]. These tools have been hailed as bringing computer security analysis to the average desktop computer user. They have also been criticized for putting years of security experience into the hands of computer crackers in the form of simple point andclick tools. It is exactly these sorts of tools ....

D.R. Safford, D.L. Schales, and D.K. Hess. The TAMU security package: An ongoing response to Internet intruders in an academic environment. In Proceedings of the Fourth Usenix UNIX Security Symposium, pages 91--118, Santa Clara, CA, October 1993.

....data as possible. For UNIX systems, 20] and [5] report that intrusion data can be obtained from various sources, such as CERT advisories, periodicals such as PHRACK and 2600, and the USENET [10] and also by analyzing the vulnerabilities detected by security tools such as COPS [11] and TIGER [30]. Next, assuming that the number of intrusions is too large to simulate all of them, the testers must partition the set of intrusions into classes, and then create a representative subset of intrusions by selecting one or more intrusions from each class. This technique is known in the ....

D. R. Safford, D. L. Schales, and D. K. Hess, "The TAMU Security Package: An Ongoing Response to Internet Intruders in an Academic Environment," Proc., Fourth USENIX UNIX Security Symposium, Santa Clara, CA, pp. 91-118, October, 1993.

....the principles at the heart of the COPS tool, 8] and one which we believe contributed greatly to its wide spread acceptance and use. 3 Existing Tools Most available UNIX security tools fall into two categories: static audit tools and integrity checkers. Among the most prominent are COPS[8] TAMU[20], crc check[8] Hobgoblin[13] and ATP[25] 6 A few commercial security tools also exist, but they are comparable to the user community tools 5 We measured a Sun SparcStation 1 as capable of generating 37 Snefru signatures per second 6 SPI, a widely used tool developed by the U. S. ....

....detect multiple bit errors in a data stream (e.g. 3] Reversing the CRC function to yield a desired signature is a well understood process, and tools to assist a potential intruder are widely available[10] 3.2 TAMU TAMU is a set of security utilities being distributed by Texas A M University. [20] Included in the package is a static audit tool, a signature database to check system binaries against known signatures of patch files, and a sophisticated network traffic analyzer that aids system administrators in assessing outside threats. TAMU is shipped with a database of signatures for ....

David R. Safford, Douglas Lee Schales, and David K. Hess. The TAMU security package: An ongoing response to internet intruders in an academic environment. In DeHart [5], pages 91--118.

....the principles at the heart of the COPS tool, 8] and one which we believe contributed greatly to its wide spread acceptance and use. 3 Existing Tools Most available UNIX security tools fall into two categories: static audit tools and integrity checkers. Among the most prominent are COPS[8] TAMU[22], crc check[8] Hobgoblin[15] and ATP[28] 5 A few commercial security tools also exist, but they are comparable to the user community tools mentioned here. While many of these tools may be outstanding in their own right, most are mismatches for integrity checking in UNIX environments. 3.1 ....

....detect multiple bit errors in a data stream (e.g. 3] Reversing the CRC function to yield a desired signature is a well understood process, and tools to assist a potential intruder are widely available[10] 3.2 TAMU TAMU is a set of security utilities being distributed by Texas A M University. [22] Included in the package is a static audit tool, a signature database to check system binaries against known signatures of patch files, and a sophisticated network traffic analyzer that aids system administrators in assessing outside threats. 5 SPI, a widely used tool developed by the U. S. ....

David R. Safford, Douglas Lee Schales, and David K. Hess. The TAMU security package: An ongoing response to internet intruders in an academic environment. In DeHart [5], pages 91--118.

....to rlogin security is completely modular. By using the x kernel [1] as our design framework, the network security layer can provide authentication and privacy services without changing application layer programs. Other solutions, such as Kerberos[15] and the encrypted telnet programs discussed in [23, 26], require modifying existing server and client programs. Our modifications to rlogin allow it to establish a more flexible security policy than it did previously. We attribute the simplicity of our implementation and the concise interface between the application and secure network layer to our ....

....centralized ticket server. Because of this, and the associated problems of scaling this approach to the entire Internet, Kerberos may not be a generally feasible solution. 4. 4 Encrypted telnet packages Telnet modifications that incorporate encryption and authentication services are described in [23, 26]. This approach incorporates all aspects of network security at the application layer. Instead of delegating these functions to a package such as Kerberos, or delegating them to a network layer protocol, these packages reimplement them on a per application basis. As a result, considerable ....

David R. Safford, Douglas Lee Schales, and David K. Hess. The TAMU security package: An ongoing response to internet intruders in an academic environment. pages 91--118, Berkeley, CA, 1993. USENIX Association.

No context found.

David R. Saord, Douglas Lee Schales, and David K. Hess. The TAMU Security Package: An Ongoing Response to Internet Intruders in a Academic Environment. In Proceedings of the Fourth USENIX UNIX Security Symposium, October 1993.

No context found.

David K. Hess David R. Saord and Douglas Lee Schales, \The TAMU Security Package: An Ongoing Response to Internet Intruders in an Academic Environment, " Tech. Rep.,

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC