Automated checking for Windows host vulnerabilities
暂无分享,去创建一个
Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. This paper describes Ferret-Windows, a new software tool for checking host vulnerabilities on the Windows platforms. This tool helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. Moreover, several vulnerability fixing plug-in modules exist to help users remove specific vulnerabilities. As a result, Ferret-Windows is extensible, and can easily be kept up-to-date through the addition of checks for new vulnerabilities as they are identified. Finally, Ferret-Windows is a freely available open-source software
[1] FrazerKen. Building secure software , 2002 .
[2] William H. Sanders,et al. Ferret: a host vulnerability checking tool , 2004, 10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings..
[3] Ken Frazer,et al. Building secure software: how to avoid security problems the right way , 2002, SOEN.
[4] Eugene H. Spafford,et al. The COPS Security Checker System , 1990, USENIX Summer.