Title :
Ferret: a host vulnerability checking tool
Author :
Sharma, Anil ; Martin, Jason R. ; Anand, Nitin ; Cukier, Michel ; Sanders, William H.
Author_Institution :
Dept. of Mech. Eng., Maryland Univ., College Park, MD, USA
Abstract :
Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. We describe Ferret, a new software tool for checking host vulnerabilities. Ferret helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a different plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. As a result, Ferret is extensible, and can easily be kept up-to-date through addition of checks for new vulnerabilities as they are discovered; the modular approach also makes it easy to provide specific configurations of Ferret tailored to specific operating systems or use environments. Ferret is a freely available open-source software implemented in Perl.
Keywords :
program verification; security of data; software tools; Ferret software tool; Perl; host vulnerability checking tool; open-source software; plug-in module; security auditing tool; security evaluation; Application software; Computer security; Contracts; Data security; Educational institutions; Knowledge engineering; Mechanical engineering; Open source software; Reliability engineering; Software tools;
Conference_Titel :
Dependable Computing, 2004. Proceedings. 10th IEEE Pacific Rim International Symposium on
Print_ISBN :
0-7695-2076-6
DOI :
10.1109/PRDC.2004.1276595
