Title :
Detecting security vulnerabilities in remote TCP/IP networks: an approach using security scanners
Author :
Lérida, Joaquín López ; Grackzy, Silvio Martin ; Viña, Angel ; Anduj, José Manuel
Author_Institution :
Dept. of Electron. & Syst., Univ. of A. Coruna, Spain
Abstract :
The objective of the paper is to carry out an analysis of tools used for performing external security audits. All the tools with the capacity to remotely detect vulnerabilities which are currently available in the market were used to carry out this analysis. Although these tools are sometimes used to carry out internal audits of operating systems, this paper is exclusively centred on the capacity that these tools have for detecting security holes in remote machines. To produce this paper we have used a testbed composed of two UNIX machines running Solaris 2.5, and a PC with Windows NT 4.0. Whenever versions of the tools permitted it, attacks were carried out from Windows NT against Solaris and vice versa
Keywords :
Unix; auditing; computer network management; computer network reliability; network computers; network operating systems; security of data; telecommunication security; transport protocols; PC; Solaris 2.5; UNIX machines; Windows NT 4.0; external security audits; remote TCP/IP networks; remote machines; security scanners; security vulnerability detection; Computer security; Consumer electronics; IP networks; Informatics; Intelligent networks; Local area networks; Operating systems; Systems engineering and theory; TCPIP; Testing;
Conference_Titel :
Security Technology, 1999. Proceedings. IEEE 33rd Annual 1999 International Carnahan Conference on
Conference_Location :
Madrid
Print_ISBN :
0-7803-5247-5
DOI :
10.1109/CCST.1999.797953
