Ferret:主机漏洞检测工具

10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings. Pub Date : 2004-03-03 DOI:10.1109/PRDC.2004.1276595

A. Sharma, Jason Martin, N. Anand, M. Cukier, W. Sanders

{"title":"Ferret:主机漏洞检测工具","authors":"A. Sharma, Jason Martin, N. Anand, M. Cukier, W. Sanders","doi":"10.1109/PRDC.2004.1276595","DOIUrl":null,"url":null,"abstract":"Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. We describe Ferret, a new software tool for checking host vulnerabilities. Ferret helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a different plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. As a result, Ferret is extensible, and can easily be kept up-to-date through addition of checks for new vulnerabilities as they are discovered; the modular approach also makes it easy to provide specific configurations of Ferret tailored to specific operating systems or use environments. Ferret is a freely available open-source software implemented in Perl.","PeriodicalId":383639,"journal":{"name":"10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings.","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Ferret: a host vulnerability checking tool\",\"authors\":\"A. Sharma, Jason Martin, N. Anand, M. Cukier, W. Sanders\",\"doi\":\"10.1109/PRDC.2004.1276595\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. We describe Ferret, a new software tool for checking host vulnerabilities. Ferret helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a different plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. As a result, Ferret is extensible, and can easily be kept up-to-date through addition of checks for new vulnerabilities as they are discovered; the modular approach also makes it easy to provide specific configurations of Ferret tailored to specific operating systems or use environments. Ferret is a freely available open-source software implemented in Perl.\",\"PeriodicalId\":383639,\"journal\":{\"name\":\"10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings.\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-03-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PRDC.2004.1276595\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PRDC.2004.1276595","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

评估计算系统的安全性需要了解系统中存在的漏洞和对系统的潜在攻击。根据漏洞所在的位置，可以将漏洞分为应用程序漏洞、网络漏洞和主机漏洞。我们将介绍Ferret，一个用于检查主机漏洞的新软件工具。Ferret通过快速查找主机上存在的漏洞来帮助系统管理员。它以模块化的方式设计和实现:对检查的每个漏洞使用不同的插件模块，每种可能的输出格式由插件模块指定。因此，Ferret是可扩展的，并且可以很容易地通过添加对新漏洞的检查来保持最新;模块化的方法也使得为特定的操作系统或使用环境量身定制Ferret的特定配置变得容易。Ferret是一个用Perl实现的免费开源软件。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Ferret: a host vulnerability checking tool

Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. We describe Ferret, a new software tool for checking host vulnerabilities. Ferret helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a different plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. As a result, Ferret is extensible, and can easily be kept up-to-date through addition of checks for new vulnerabilities as they are discovered; the modular approach also makes it easy to provide specific configurations of Ferret tailored to specific operating systems or use environments. Ferret is a freely available open-source software implemented in Perl.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings.

自引率

0.00%

发文量