UNIX System Administration Handbook

WARNING: This information has not been updated since October, 1997!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INDEX ENTRY FOR COPS:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Name: COPS - Checks for system security problems

Version: 1.04+

Author(s): Dan Farmer <zen@trouble.org>
           With many additional contributors

Ftp source: archive.cis.ohio-state.edu:/pub/cops

Description:

   COPS is a static security checking tool that checks common
   (mostly) procedural problems of a UNIX system. It basically takes
   a snapshot of a system, and then generates a report of its
   findings. On a purely empirical basis, over the years it has
   successfully discovered problems that could compromise root on
   more than 3/4 or more of the systems I've run it on; of course,
   the idea here is not to break root, but to let someone fix the
   problems it shows. Note, of course, that it gives info
   indiscriminately, to whoever runs it. Decide if you do or don't
   want to learn about the information it can give about your system,
   but remember -- someone else probably already has it. 

   -- Quoted from cover_letter by Dan Farmer in the cops_104 distribution.

Advertised architectures:

   p.s.  Just for snix, here are some of the machine/OS's I know this
   sucker works on; far and away the most common problem was getting that
   stupid password cracking program to compile, followed by systems without
   the -ms package to nroff.  Some minor problems with config files -- I
   *think* these are all ok:

   DECstation 2100, 3100, 5000, Ultrix 2.x, 3.x, 4.x (Ultrix is braindead.)

   Sun 3's, 4's  (incl. Solbourne and clones) -- 3.x, 4.x
   Gould 9080 Powernode, hacked up Gould OS (whatever it is)
   sequent S-87 symmetry, dynix V3.x (both att & bsd universes; att required
                       "BRAINDEADFLAGS = -lcrypt" to be uncommented.
   ETA-10P, Sys V R3 based
   Convex boxes, all types, OS's (up to 9.x, the most recent)
   Apollo dn3000 & dsp90, Domain SR 9.7, 10.x (see "readme.apollo")
   Vax 11/780, 4.x BSD (Mt. Xinu, tahoe and stock)
   Vaxstation, MicroVax, Vax 6320 & 8800, Ultrix 2.x, 3.x, 4.x
   HP900/370, HP-UX 6.x, 7.x
   Cray 2 & Y-MP, UNICOS 5.x, 6.x
   Amdahl 5880, UTS 580-1.2.3
   SGI 2500's, IRIX GL 3.6
   SGI 4D's, IRIX System V Release 3.x
   '286 & '386 Boxes, running Xenix (see "readme.xenix")
   AT&T 3B2 & 3B1, SysVR[3-4]
   CADMUS box (R3000 & 68020 cpu), SysVR3.2
   Pyramid, running 4.4c and 5.1a

   Apple Mac IIci, running AUX 2.x.  The "test -z" seemed broken on this,
   but I only had a brief chance to test it out, but kuang didn't like it
   as a result.  I'll get a working version soon; everything seemed ok
   (change the /etc/servers line in "misc.chk").

   NeXT, 1.x 
   (password stuff is different on this machine, though; cracking is
   strange.  Diffs anyone?  Also, /bin/test vs. shell builtin "test" is
   *weird*.)

   Multimax 320, 12 Processors, 64Mb Memory, Encore Mach Version B1.0c (Beta)
   (no crypt(3) on this machine.  Sigh.)

   IBM rs6000, AIX 3.1 (DEADBEEF about sums it up.)
  
   I've lost track of the others.  If you have some bizarre piece of
   hardware that you've run it on, I'd like to hear about it...

   -- Quoted from README.1 by Dan Farmer in the cops_104 distribution.

Prerequisites:  C Compiler and  Perl > 3.18 (for Perl version)


UNIX System Administration Handbook	\| Tools for UNIX System Administrators
FAQ \| Errors \| Goodies \| Purchase \| Register \| Send Email