Patent
1996-09-12
1999-04-06
Decady, Albert
39520057, G06F 1100
Patent
active
058929037
ABSTRACT:
A system and method is disclosed for detecting security vulnerabilities in a computer network. The system includes an IP spoofing attack detector, a stealth port service map generator, a source port verifier, source routing verifier, an RPC service detector and a Socks configuration verifier. Each of these verifiers may be operated separately or as a group to detect security vulnerabilities on a network. Each verifier may be programmed to exhaustively test all ports of all computers on a network to detect susceptibility to IP spoofing attacks, access to services with little or no authorization checks or misconfigured routers or Socks servers. The detected vulnerabilities or the location of services having little or no authorization checks may be stored in a table for reference by a network administrator. The service map generated by the stealth service map generator may be used to identify all service ports on a network to facilitate the operation of the other verifiers which send service command messages to service ports to detect their accessibility. A graphic user interface (GUI) may be used to provide input and control by a user to the security verifiers and to present options and display information to the user.
REFERENCES:
patent: 4223380 (1980-09-01), Antonaccio et al.
patent: 5204966 (1993-04-01), Wittenberg et al.
patent: 5309562 (1994-05-01), Li
patent: 5311593 (1994-05-01), Carmi
patent: 5347450 (1994-09-01), Nugent
patent: 5371852 (1994-12-01), Attanasio et al.
patent: 5515508 (1996-05-01), Pettus et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5623601 (1997-04-01), Vu
Guha et al., "Network Security via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposeed Solutions", IEEE, pp. 603-610, Mar. 1996.
Garg et al., "High Level Communication Primitives for Concurrent Systems", IEEE, pp. 92-99, 1988.
Hastings et al., "TCP/IP Spoofing Fundamentals", IEEE, pp. 218-224, May 1996.
Snapp, "Signature Analysis and Communication Issues in a Distributed Intrusion Detection System", Master Thesis; University of California, Davis, CA, pp. 1-40, 1991.
Guha et al., "Network Security via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions", IEEE, pp. 40-48, Jul. 1997.
Djahandari et al., "An MBone Proxy for an Application Gateway Firewall", IEEE, pp. 72-81, Nov. 1997.
Kim et al., "Implementing a Secure rlogin Environment: A Case Study of Using a Secure Network Layer Protocol", Department of Computer Science, University of Arizona, pp. 1-9, Jun. 1995.
Satyanarayanan, "Integrating Security in a Large Distributed System", Acm Transactions on Computer Systems, vol. 7, No. 3, pp. 47-280, Aug. 1989.
Badesman Scott T.
De'cady Albert
Internet Security Systems, Inc.
LandOfFree
Method and apparatus for detecting and identifying security vuln does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting and identifying security vuln, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting and identifying security vuln will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1379125