DISTRIBUTION STATEMENT A - Approved For Public Release, Distribution Is .


Information Assurance Technology Analysis Center
Information Assurance Tools Report
Spring 1998
DISTRIBUTION STATEMENT A - Approved for public release, distribution is unlimited
VULNERABILITY ANALYSIS

8283 Greensboro Drive, Allen 663
McLean, VA 22102-3838
703.902.3177
Fax 703.902.3425
STU-III 703.902.5869
STU-III Fax 703.902.3991
E-mail iatac@dtic.mil
http://www.iatac.dtic.mi

REPORT DOCUMENTATION PAGE
Form Approved, OMB No. 074-0188

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188), Washington, DC 20503

1. AGENCY USE ONLY (Leave blank)
2. REPORT DATE: Spring 1998
3. REPORT TYPE AND DATES COVERED: Spring 1998
4. TITLE AND SUBTITLE: Information Assurance Technology Analysis Center Information Assurance Tools Report, Vulnerability Analysis
5. FUNDING NUMBERS: SPO700-97-R-0603
6. AUTHOR(S): IATAC
7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES): IATAC, 8283 Greensboro Drive, McLean, VA 22102
8. PERFORMING ORGANIZATION REPORT NUMBER: N/A
9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES): Defense Technical Information Center, DTIC/AI, 8725 John J. Kingman Road, #0944, Ft. Belvoir, VA 22060
10. SPONSORING / MONITORING AGENCY REPORT NUMBER: N/A
11. SUPPLEMENTARY NOTES
12a. DISTRIBUTION / AVAILABILITY STATEMENT: Approved for Public Release; Distribution is Unlimited
12b. DISTRIBUTION CODE: A
13. ABSTRACT (Maximum 200 Words): This report provides an index of vulnerability analysis tool descriptions contained in the IATAC Information Assurance Tools Database. This report summarizes pertinent information, providing users with a brief description of available tools and contact information. It does not endorse or evaluate the effectiveness of each tool. As a living document, this report will be updated periodically as additional information is entered into the Information Assurance Tools Database.
14. SUBJECT TERMS: Vulnerability Analysis
15. NUMBER OF PAGES: 42
16. PRICE CODE: None
17. SECURITY CLASSIFICATION OF REPORT: Unclassified
18. SECURITY CLASSIFICATION OF THIS PAGE: Unclassified
19. SECURITY CLASSIFICATION OF ABSTRACT: Unclassified
20. LIMITATION OF ABSTRACT: U

NSN 7540-01-280-5500
Standard Form 298 (Rev. 2-89), Prescribed by ANSI Std. Z39-18, 298-102

TABLE OF CONTENTS
Introduction
Purpose
Scope
Database Formulation
Tool Collection
Tool Classification
Tool Sources
Database Structure
Tool Selection Criteria
Results
Summary of Vulnerability Analysis Tools
Appendix: Vulnerability Analysis Tools

INTRODUCTION

The Information Assurance Technology Analysis Center (IATAC) is a Department of Defense (DoD) sponsored Information Analysis Center (IAC) that provides a central point of access for scientific and technical information (STINFO) regarding information assurance (IA) technologies, system vulnerabilities, research and development, and models and analyses. The overarching goal of the IAC is to aid in developing and implementing effective defenses against information warfare attacks. IATAC basic services include support for user inquiries, analysis, maintenance, and growth of the IA library; IA database operations; development of technical and state-of-the-art reports; and promotional awareness activities, such as newsletters, conferences, and symposia.

IACs are staffed by scientists, engineers, and information specialists. Each IAC establishes and maintains comprehensive knowledge bases that include historical, technical, scientific, and other data and information collected worldwide. Information collections span a wide range of unclassified, limited distribution, and classified information appropriate to the requirements of sponsoring technical communities. IACs also collect, maintain, and develop analytical tools and techniques including databases, models, and simulations. Their collections and products represent intensive evaluation and screening efforts to create authoritative sources of evaluated data.

This report addresses the contents of the Information Assurance Tools Database, one of the knowledge bases maintained by IATAC. This database hosts information on intrusion detection, vulnerability analysis, firewalls, and antivirus software applications. Information for this database is obtained via open-source methods, including direct interface with various agencies, organizations, and vendors.

PURPOSE

This report provides an index of vulnerability analysis tool descriptions contained in the IATAC Information Assurance Tools Database.
This report summarizes pertinent information, providing users with a brief description of available tools and contact information. It does not endorse or evaluate the effectiveness of each tool.

As a living document, this report will be updated periodically as additional information is entered into the Information Assurance Tools Database. Technical questions concerning this report may be addressed to James Green at (703) 902-4887 or iatac@dtic.mil.

SCOPE

Currently the IATAC database contains descriptions of 35 tools that can be used to support vulnerability and risk assessment. Vulnerability analysis tools are programs that help automate the identification of vulnerabilities in a network or system. Vulnerabilities can be defined as weaknesses in a system's security scheme, exploitation of which would negatively affect the confidentiality, integrity, or availability of the system or its data. The type and level of detail of information provided among tools varies greatly. Although some can identify only a minimal set of vulnerabilities, others can perform a greater degree of analysis and provide detailed recommended countermeasures. More recently developed tools provide user-friendly front ends and sophisticated reporting capabilities. The majority of the tools identified in the Information Assurance Tools Database are available on the Internet, and many are used by crackers in the first stage of an attack: vulnerability information gathering. Penetration tools, which perform destructive actions (e.g., denial of service attacks), are excluded from this category. Sniffers and Trojan horse programs are also excluded from this category. Although many network utilities (e.g., host, finger) are valuable in identifying vulnerabilities on a host, they are often an automated component of vulnerability analysis tools, and therefore are not individually described in the database.

The database includes commercial products, individual-developed tools, government-owned tools, and research tools.
The database was built by gathering as much open-source data as possible, analyzing that data, and summarizing information regarding the basic description, requirements, availability and contact information for each vulnerability analysis tool collected. Generally, the commercially developed products are available. The government and academic tools, however, are reserved for specific projects and organizations. The research group or university determines, on an individual case basis, the availability of these research tools. These tools are included in the database solely to provide information regarding existing approaches for vulnerability analysis.

DATABASE FORMULATION

This section discusses the approach and methodology used for identifying and collecting the selected tools, the classification of each type, tool sources, and the structure of the database.

TOOL COLLECTION

Information for each tool was collected by leveraging existing community relationships. Collection activities included Internet searches to identify additional corporations, government agencies, professional organizations, and universities with involvement in vulnerability analysis. Industry professionals were consulted for information and suggestions for identifying and collecting available tools.

TOOL CLASSIFICATION

The vulnerability analysis tools described in the IATAC Information Assurance Tools Database fall within one or more of the following five classes:

Simple Vulnerability Identification and Analysis: A number of tools have been developed that perform relatively limited security checks. These tools may automate the process of scanning Transmission Control Protocol/Internet Protocol (TCP/IP) ports on target hosts, attempting to connect to ports running services with well-known vulnerabilities and recording the response. They also may perform secure configuration checks for specific system features (e.g., network file system [NFS] configuration, discretionary access control [DAC] settings). The user interface of these tools is likely to be command-line based, and the reporting may include limited analysis and recommendations. These tools are also likely to be "freeware."

Comprehensive Vulnerability Identification and Analysis: More sophisticated vulnerability analysis tools have been developed that are fairly comprehensive in terms of the scope of vulnerabilities addressed, the degree of analysis performed, and the extent of recommendations made to mitigate potential security risks.
Many of these tools also provide a user-friendly graphical user interface.

War Dialers: A war dialer consists of software that dials a specific range of telephone numbers looking for modems that provide a login prompt. The tools, at a minimum, record the modem numbers and login screen, but can also be configured to attempt brute-force, dictionary-based login attempts. The value of these tools to a system administrator is that they automate the process of identifying potential "back doors" in a network. Some of the tools described above in the "Comprehensive Vulnerability Identification and Analysis" category include war dialers.

Password Crackers: Password cracker tools attempt to match encrypted forms of a dictionary list of possible passwords with encrypted passwords in a password file. This is possible because the algorithm used to encrypt operating systems' passwords is public knowledge. These tools support system administrators by allowing them to enforce password selection policies.

Risk Analysis Tools: Risk analysis tools typically provide a framework for conducting a risk analysis but do not actually automate the vulnerability identification process. These tools may include large databases of potential threats and vulnerabilities along with a mechanism to determine, based on user input, cost-effective solutions to mitigate risks. The vulnerabilities identified using a true "vulnerability analysis" tool may be fed into a risk analysis tool.

TOOL SOURCES

Tools and information were identified from a number of sources. A representative sampling of these sources includes the following:

COMMERCIAL
AXENT Technologies, Inc.
Bellcore
Internet Security Systems
Intrusion Detection, Inc.
NETECT Inc.
RiskWatch
Secure Networks Incorporated (SNI)
Somarsoft, Inc.
The Mitre Corporation
Trident Data Systems
WheelGroup Corporation*

* On March 12, 1998, Cisco Systems completed its acquisition of WheelGroup Corporation.

GOVERNMENT AND PROFESSIONAL AGENCIES AND RESEARCH CENTERS
ACM SIGSAC (Special Interest Group on Security, Audit, and Control)
Air Force Information Warfare Center
Defense Advanced Research Projects Agency (DARPA)
Center for Secure Information Systems (CSIS) at George Mason University
Central Intelligence Agency
COAST Project at Purdue University
Computer Security Research Laboratory at University of California at Davis
Computer Security Technology Center at Lawrence Livermore National Laboratory
Computing Professionals for Social Responsibility (CPSR)
Defense Information Systems Agency (DISA)
Department of Energy, Computer Incident Advisory Capability (CIAC)
IEEE-CS Technical Committee on Security and Privacy
IFIP Technical Committee 6 (Communication Systems)
IFIP Technical Committee 11 on Security and Protection in Information Processing
IFIP Working Group 11.3 on Database Security
IFIP Working Group 11.4 on Network Security
Information Sciences Institute, University of Southern California School of Engineering
Information Security Research Centre at Queensland University of Technology, Australia
Information Systems Audit and Control Research at CalPoly Pomona
Institute for Computer & Telecommunications Systems Policy at The George Washington University
International Association for Cryptologic Research
International Computer Security Association (ICSA)
Lawrence Berkeley National Laboratory
Los Alamos National Laboratory
National Institute of Standards and Technology (NIST) Computer Systems Laboratory
National Security Agency
Navy Research Laboratory Center for High Assurance Computer Systems (Naval Research Laboratory)
Navy Space and Naval Warfare Systems Command (SPAWAR)
SIRENE: Sicherheit in REchnerNEtzen (Security in Computer Networks) at the University of Hildesheim/IBM Zurich
Texas A&M University
U.S. Army Office of the Director of Information Systems for Command, Control, Communications, and Computers (ODISC4)
USENIX & System Administrators' Guild (SAGE)

FIRST (FORUM OF INCIDENT RESPONSE AND SECURITY TEAMS)
Air Force Computer Emergency Response Team (AFCERT)
Army Computer Emergency Response Team (ACERT)
Australian Computer Emergency Response Team (AUSCERT)
CERT Coordination Center, Carnegie Mellon University
Computer Emergency Response Team for the German Research Network (DFN-CERT), German Federal Networks CERT, Germany
Computer Incident Advisory Capability (CIAC), U.S. Department of Energy
NASA Automated Systems Incident Response Capability (NASIRC)
Naval Computer Incident Response Team (NAVCIRT)
Purdue University Computer Emergency Response Team (PCERT)
SURFnet Computer Emergency Response Team (CERT-NL), Netherlands
Swiss Academic and Research Network CERT, Switzerland (SWITCH-CERT)

DATABASE STRUCTURE

The fields of the database include the following:

Title: Name and abbreviation associated with the tool
Author: Developer of the tool
Source: Uniform resource locator (URL) of the primary source for obtaining the tool
Keyword: Terms used to reference the tools using the database search engine
Contact Information: Name, organization, telephone, facsimile, e-mail, and URL information for additional tool information
Abstract: Brief description of the primary features of the tool
Requirements: System requirements for operating the tool
Availability: Accessibility information including procedures and pricing in some cases

TOOL SELECTION CRITERIA

The selected tools satisfy the following three criteria:

Definition: These tools satisfy the objective, approach, and methodology of a vulnerability analysis tool based on the definition of vulnerability.

Specificity to Vulnerability Analysis: The primary function of these tools is vulnerability analysis. They may also be used during the early stages of a penetration attack to identify the target system's weaknesses and help fine-tune the attack. However, penetration test tools, whose primary purpose is to exploit identified vulnerabilities and cause damage or destruction to the target system, have been excluded.

Current Availability: These tools are currently available from the Government, academia, or commercial sources, or as freeware on the Internet.

RESULTS

The research for this report identified 35 vulnerability analysis tools currently being used and available. Appendix A includes complete database output for each tool. The content of Appendix A mirrors the database structure as defined in the "Database Structure" section of this report. The following summary chart provides the name, keywords, and a description of each tool.

[Summary chart of vulnerability analysis tools. Columns: Title, Source Type, Attributes, Contact, Organization. The cell contents of this table did not survive extraction.]

BALLISTA

TITLE: Ballista

CONTACT INFORMATION:
Alfred Huger
Secure Networks Inc.
Suite 330, 1201 5th Street SW
Calgary, Alberta CANADA T2R-0Y6
Telephone: net.com
URL: http://www.secnet.com/

AUTHOR: Secure Networks Inc.

SOURCE: http://www.secnet.com/nav1b.html

KEYWORDS: comprehensive vulnerability analysis

REQUIREMENTS: Solaris 2.5-2.6, Linux 2.x, BSDI 2.x, OpenBSD 2.x, FreeBSD 2.x, Windows NT 4.0

AVAILABILITY: Commercially available from http://www.secnet.com/. Evaluation copy available from http://www.secnet.com/nav1b.html. Licensing is based on a single host or specific addresses. Up to 10 addresses cost 150, up to 50 cost 350.

ABSTRACT

Ballista is a network security auditing tool used to discover security weaknesses in networked environments. Ballista uses extensive domain name system (DNS) auditing to map intranets and perform port scans. Vulnerability checks include file transfer protocol (FTP), Web servers, Sendmail, RPC, NFS, NetBIOS, and network devices such as routers and bridges. Ballista also allows users to determine whether the filters of a firewall are securely configured, and has password-guessing routines.

Secure Networks has developed a customizable tool included with Ballista, the Custom Auditing Packet Engine (CAPE). CAPE can perform complex protocol-level spoofing and attack simulations. CAPE also enables users to generate tool sets on the fly to address unique network implementations. It can use custom scripts to verify the integrity of Access/Choke routers, filtering firewalls (stateful inspection or otherwise), etc. This modular architecture also allows Secure Networks to update Ballista easily and efficiently. Ballista's biweekly updates include new vulnerability checks and features.

CHECKXUSERS

TITLE: CheckXusers

CONTACT INFORMATION:
Bob Vickers
University of London Computer Centre
20 Guilford Street
London ENGLAND WC1N 1DZ
Telephone: rs@ulcc.ac.uk
URL: http://www.ulcc.ac.uk/

AUTHOR: Bob nix/

KEYWORDS: simple vulnerability analysis

REQUIREMENTS: UNIX (Perl script); no special privileges; netstat command in PATH variable.

AVAILABILITY: Freely available from rs.Z

ABSTRACT

CheckXusers identifies users logged onto the current machine from insecure X servers. It enables system administrators to determine whether users are exposing themselves, and hence the system, to unacceptable risks. It should be run from an ordinary user account, not root. It assumes that the netstat command is somewhere in the PATH prior to execution.

CHKACCT

TITLE: Chkacct

CONTACT INFORMATION:
Shabbir Safdar
The Voters Telecommunications Watch
233 Court Street #2
Brooklyn, NY 11201
Telephone: RL:http://www.panix.com/ shabbir

AUTHOR: Shabbir ix/chkac-ct/

KEYWORDS: simple vulnerability analysis

REQUIREMENTS: UNIX (Perl script); audits account from which it is run.

AVAILABILITY: Freely available from ftp://coast.cs.purdue.edu/

ABSTRACT

Chkacct was designed to complement tools like COPS and Tiger that check for configuration problems in an entire system. Chkacct is designed to check the settings and security of the current user's account. It identifies potential problems with the account's security and provides explanations of how to fix them. It may be preferable to have a security administrator ask problem users to run chkacct rather than directly alter files in their home directories.

Chkacct allows the user to check the security of his or her account quickly. It can be run out of a crontab in "harmless" mode and the output mailed to the user.

Chkacct checks the home directory for certain important "dot" files as well as searching throughout the entire home directory for files with all-user write permissions.

CONNECT

TITLE CONTACT e Unavailable Unavailable Unavailable

KEYWORDS: simple vulnerability analysis

REQUIREMENTS: UNIX (C source code)

AVAILABILITY: Freely available from

ABSTRACT

This /bin/sh shell script scans a range of Internet Protocol (IP) addresses for machines that offer the Trivial File Transfer Protocol (TFTP) service. Although typically disabled, this service is generally considered insecure and can be exploited to extract system files including /etc/passwd and other critical system files. If CONNECT finds a machine running TFTP, it will automatically attempt to download the /etc/passwd file to determine whether the system is vulnerable.

COPS

TITLE: Computer Oracle and Password System (COPS)

CONTACT INFORMATION:
Dan Farmer
3100 New York Drive
Pasadena, CA 91107
Telephone: farmer.html

AUTHOR: Dan Farmer

SOURCE: ftp:// ftp.cert.org

KEYWORDS: comprehensive vulnerability analysis

REQUIREMENTS: UNIX (Perl script)

AVAILABILITY: Freely available from ftp://coast.cs.purdue.edu/ pub/tools/unix/cops/

ABSTRACT

Computer Oracle and Password System (COPS) is a security toolkit that examines a system for a number of known weaknesses and alerts the system administrator to them. In some cases it can automatically correct these problems. COPS identifies security vulnerabilities and checks for empty passwords in /etc/passwd, files with all-user write permissions, misconfigured anonymous FTP, and many other areas.

TITLE: Check Promiscuous Mode (CPM)

CONTACT INFORMATION:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Telephone: nfo.html

AUTHOR: CERT Coordination ix/

KEYWORDS: simple vulnerability analysis

REQUIREMENTS: UNIX (C source code), no special privileges

AVAILABILITY: Freely available from ftp://coast.cs.purdue.edu/ pub/tools/unix/cpm/.

ABSTRACT

Check Promiscuous Mode (CPM) checks whether any network interface on a host is in promiscuous mode. A host in promiscuous mode can view all network traffic passing through its branch. CPM uses standard BSD UNIX socket(2) and ioctl(2) system calls to determine a system's configured network interfaces and reports whether any of the network interfaces are currently in promiscuous mode. CPM identifies the number of interfaces found, the name of each interface, and whether each interface is in normal or promiscuous mode. It returns the number of discovered promiscuous interfaces as its exit status. No special privileges are required to invoke CPM.

CRACK

TITLE: Crack

AUTHOR: Alec YWORD

password cracker

REQUIREMENTS: UNIX (C source code, Perl script). Tested on Solaris, Linux, FreeBSD, NetBSD, OSF, and Ultrix. Root privileges to execute.

AVAILABILITY: Freely available from ftp://ftp.cert.org/pub/tools/crack/

CONTACT INFORMATION:
Alec Muffett
Sun Microsystems Ltd.
Sun House
306 Cambridge Science Park
Milton Road
Cambridge CB4 4WG
ENGLAND
Telephone: 01223.420421
Facsimile: /www.users.dircon.co.uk/-crypto/index.html

ABSTRACT

Crack is a password-cracking program with a configuration language that allows the user to program the types of guesses attempted. Crack is designed to quickly locate vulnerabilities in UNIX (or other) password files by scanning the contents of a password file and testing entries for weak (i.e., dictionary) passwords.

Crack helps the system administrator identify weak passwords by checking for various weaknesses and attempting to decrypt them. Systems employing shadowing password schemes are much harder to crack.

Crack's general procedure is to take as its input a series of password files and source dictionaries. It merges the dictionaries, turns the password files into a sorted list, and generates lists of possible passwords from the merged dictionary. Crack makes many individual passes over the password entries supplied as input. Each pass generates password guesses based on a sequence of rules.

Features include Eric Young's "libdes" encryption routines, an application programming interface (API) for ease of integration with arbitrary crypt() functions, API for ease of integration with arbitrary passwd file format, considerably better gecos-field checking, more powerful rule sets, ability to read dictionaries generated by external commands, better recovery mechanisms for jobs interrupted by crashes, improved control (e.g., disable during working hours). In addition, it comes bundled with Crack6 (minimalist password cracker) and with Crack7 (brute force password cracker).

TITLE: Domain Obscenity Control (DOC)

CONTACT INFORMATION:
Steve Hotz
Paul Mockapetris
University of Southern California School of Engineering Information Sciences Institute
4676 Admiralty Way, Suite 1001
Marina del Rey, CA 90292-6695
Telephone: lux.usc.edu
URL: http://www.isi.edu/

AUTHORS: Steve Hotz, Paul htm

KEYWORDS: simple vulnerability analysis

REQUIREMENTS: UNIX (csh script); Version 2.0 of the DNS query tool "dig" (domain Internet groper)

AVAILABILITY: Freely available at ar.z

ABSTRACT

Domain Obscenity Control (DOC) diagnoses misconfigured domains by sending queries to the appropriate domain name system (DNS) name servers and performing simple analysis on the responses. DOC verifies a domain's proper configuration and that it is functioning correctly. The domain name must be valid. Some changes to the script must be made including the
