COPS (software)

Encyclopedia : C : CO : COP : COPS (software)

---

COPS was the first common Unix computer system security scanning tool, created by Dan Farmer; Gene Spafford helped him start it in 1989 while Dan was in summer school at Purdue University.

Features

COPS integrates around 12 small security check programs which review the security state of the system it is run on. These programs look for (from the COPS README.1 file):

• file, directory, and device permissions/nodes
• poor passwords
• content, format, and security of password and group files
• programs and files run in /etc/rc* and cron(tab) files
• existence of root-SUID files, their writability, and whether they are shell scripts
• a CRC check against important binaries or key files
• writability of users home directories and startup files
• anonymous ftp setup
• unrestricted tftp, decode alias in sendmail, SUID uudecode problems, hidden shells inside inetd.conf, rexd in inetd.conf
• miscellaneous root checks -- current directory in the search path, a "+" in the /etc/host.equiv file, unrestricted NFS mounts, ensuring root is in /etc/ftpusers
• checking dates of CERT advisories vs. key files.
• the Kuang expert system

COPS was the forerunner of the SATAN network security scan tool. COPS is generally considered obsolete, but it is not uncommon to find systems which are set up in an insecure manner that COPS will identify.

See also:

• Dan Farmer
• Gene Spafford
• SATAN

External links:

• [The COPS program]
• [Citeseer entry for the COPS Usenix paper]

 

---

From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating.
All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details.

Search Titles

0

1

2

3

4

5

6

7

8

9

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z

?