An effective modified security auditing tool (SAT)

摘要

Security audit is an important trend in computer security field. The computer system vendors introduce secure systems in the market and mention how these systems are secure and how they provide multiple layers of security. The fact is that we have many bugs and vulnerable points in various systems due to imperfect testing from vendor's side or imperfect administration from system administrator side. A security audit plays an important role in determining any exploitable weaknesses that put the data at risk. In this work we design and implement a security administration tool for auditing the latest vulnerabilities and weak points in three of the most common operating systems (Windows 95/98/NT/2000, Linux, and Solaris). This tool, called SAT (Security Administration Tool), tests and detects the weakness and security holes in any computer network system, and generates a comprehensive report that contains the analysis of the scans, the ranking of the risks found, and the detailed recommendations for fixing potential vulnerabilities. A new important feature of SAT is that it tests and recommends solutions for the latest vulnerabilities for any of the aforementioned operating systems.