COPS (software)

The Computer Oracle and Password System (COPS) was the first vulnerability scanner for Unix operating systems to achieve widespread use. It was created by Dan Farmer while he was a student at Purdue University. Gene Spafford helped Farmer start the project in 1989.

This article is about the software. For the governing body "Conference of the Parties", see COP16.

Features

COPS is a software suite comprising at least 12 small vulnerability scanners, each programmed to audit one part of the operating system:[1]

  • File permissions, including device permissions/nodes
  • Password strength
  • Content, format, and security of password and group files (e.g., passwd)
  • Programs and files run in /etc/rc* and cron(tab) files
  • Root-SUID files: Which users can modify them? Are they shell scripts?
  • A cyclic redundancy check of important files
  • Writability of users' home directories and startup files
  • Anonymous FTP configuration
  • Unrestricted TFTP, decode alias in sendmail, SUID uudecode problems, hidden shells inside inetd.conf, rexd in inetd.conf
  • Various root checks: Is the current directory in the search path? Is there a plus sign ("+") in the /etc/host.equiv file? Are NFS mounts unrestricted? Is root in /etc/ftpusers?
  • Compare the modification dates of crucial files with dates of advisories from the CERT Coordination Center
  • Kuang expert system

After COPS, Farmer developed another vulnerability scanner called SATAN (Security Administrator Tool for Analyzing Networks).

COPS is generally considered obsolete, but it is not uncommon to find systems which are set up in an insecure manner that COPS will identify.

gollark: > If god is omnipresent, and popes can directly communicate with god, and if god is willing to relay messages between popes, then by deploying popes strategically over large distances we can achieve faster than light communication via the holy spirit.Highly ideatic idea. What bandwidth do you estimate can be achieved with interpapal linking? Note that this PROBABLY would violate causality.
gollark: â„¢ by osmarks apiomathematicityâ„¢
gollark: I was programming for an arduino about 30 minutes ago for reasons, thus C++(ish), thus muahaahahaha.amajahans.
gollark: ddg! Sinthorionized apioformic thaumaturgy
gollark: Why did r9ktest get apioformicited?

References
  1. COPS README.1 file


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.