Method and apparatus for assessing the security of a computer system
First Claim
1. A computer security system, comprising:
- a configuration/set-up module that operates under direction of a processor of a computer system and that identifies security critical files of the computer system;
a directory checking module that operates under direction of the processor and that identifies unauthorized changes to the security critical files; and
a user manager module that operates under direction of the processor and that identifies unauthorized access to the security critical files.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus performs a security analysis on a computer system to identify, notify, and possibly correct, vulnerabilities and discrepancies. The security system includes a number of security tools and utilities in order to perform these functions. The security system includes the capability to identify the system configuration and once this is done performs different processes to analyze the computer system directories, locate vulnerabilities in the files or directories, check the network access, do analysis of the users or groups which have access to the computer system and check the permissions which these parties have been granted, and analyze passwords of the users. The utilities include the functionality to permanently remove files from the computer system, mark particular files to be analyzed, as well as schedule the security tests to be performed at predetermined times.
-
Citations
20 Claims
-
1. A computer security system, comprising:
-
a configuration/set-up module that operates under direction of a processor of a computer system and that identifies security critical files of the computer system;
a directory checking module that operates under direction of the processor and that identifies unauthorized changes to the security critical files; and
a user manager module that operates under direction of the processor and that identifies unauthorized access to the security critical files. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A software product comprising instructions, stored on computer-readable media, wherein the instructions, when executed by a computer, perform steps for identifying and removing unwanted users from computer resources, comprising:
-
instructions for identifying security critical files;
instructions for identifying unauthorized changes or unauthorized access to the security critical files;
instructions for detecting excessive system service use;
instructions for testing the integrity of user passwords or for identifying weak user passwords; and
instructions for reporting the unauthorized changes, unauthorized access, excessive system service use or weak user passwords to a system administrator. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method of analyzing and protecting the security of a local area network (LAN), comprising:
-
directing a computer processor to execute a password checking module that carries out the steps of;
retrieving user passwords from a database;
comparing the user passwords to a word list;
comparing the user passwords to pseudo words generated by a word filtering program; and
identifying the user passwords that match the word list or the pseudo words as potential security threats. - View Dependent Claims (18, 19, 20)
-
Specification