COPS (software)
Encyclopedia
COPS was the first common Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...

 computer system security scanning tool,
created by Dan Farmer
Dan Farmer
Dan Farmer is an American computer security researcher. In a summer course in 1989, in order to graduate from Purdue University he started the development of the COPS program for identifying security issues on Unix systems under Gene Spafford, first releasing it after leaving Purdue in late 1989...

; Gene Spafford
Gene Spafford
Eugene Howard Spafford , commonly known as Spaf, is a professor of computer science at Purdue University and a leading computer security expert....

 helped him start it in 1989 while Dan was in summer school at Purdue University
Purdue University
Purdue University, located in West Lafayette, Indiana, U.S., is the flagship university of the six-campus Purdue University system. Purdue was founded on May 6, 1869, as a land-grant university when the Indiana General Assembly, taking advantage of the Morrill Act, accepted a donation of land and...

.

Features

COPS(Computer Oracle and Password System) integrates around 12 small security check programs which review the security
state of the system it is run on.
These programs look for (from the COPS README.1 file):
  • file, directory, and device permissions/nodes
  • poor passwords
  • content, format, and security of password and group files
  • programs and files run in /etc/rc* and cron(tab) files
  • existence of root-SUID files, their writability, and whether they are shell scripts
  • a CRC check against important binaries or key files
  • writability of users home directories and startup files
  • anonymous ftp setup
  • unrestricted tftp, decode alias in sendmail, SUID uudecode problems, hidden shells inside inetd.conf, rexd in inetd.conf
  • miscellaneous root checks -- current directory in the search path, a "+" in the /etc/host.equiv file, unrestricted NFS mounts, ensuring root is in /etc/ftpusers
  • checking dates of CERT advisories vs. key files.
  • the Kuang expert system


COPS was the forerunner of the SATAN
Security Administrator Tool for Analyzing Networks
The Security Administrator Tool for Analyzing Networks is a testing and reporting toolbox that collects a variety of information about networked hosts and was considered one of the best when written. In fact, it was the first truly user-friendly network scanner...

 network security scan tool.
COPS is generally considered obsolete, but it is not uncommon to find systems which are set up in an insecure manner that COPS will identify.

See also

  • Dan Farmer
    Dan Farmer
    Dan Farmer is an American computer security researcher. In a summer course in 1989, in order to graduate from Purdue University he started the development of the COPS program for identifying security issues on Unix systems under Gene Spafford, first releasing it after leaving Purdue in late 1989...

  • Gene Spafford
    Gene Spafford
    Eugene Howard Spafford , commonly known as Spaf, is a professor of computer science at Purdue University and a leading computer security expert....

  • SATAN
    Security Administrator Tool for Analyzing Networks
    The Security Administrator Tool for Analyzing Networks is a testing and reporting toolbox that collects a variety of information about networked hosts and was considered one of the best when written. In fact, it was the first truly user-friendly network scanner...


External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK