Method and apparatus for assessing the security of a computer system

US 20050171737A1
Filed: 04/07/2005
Published: 08/04/2005
Est. Priority Date: 06/15/1998
Status: Abandoned Application

First Claim

Patent Images

1. A computer security system, comprising:

a configuration/set-up module that operates under direction of a processor of a computer system and that identifies security critical files of the computer system;

a directory checking module that operates under direction of the processor and that identifies unauthorized changes to the security critical files; and

a user manager module that operates under direction of the processor and that identifies unauthorized access to the security critical files.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus performs a security analysis on a computer system to identify, notify, and possibly correct, vulnerabilities and discrepancies. The security system includes a number of security tools and utilities in order to perform these functions. The security system includes the capability to identify the system configuration and once this is done performs different processes to analyze the computer system directories, locate vulnerabilities in the files or directories, check the network access, do analysis of the users or groups which have access to the computer system and check the permissions which these parties have been granted, and analyze passwords of the users. The utilities include the functionality to permanently remove files from the computer system, mark particular files to be analyzed, as well as schedule the security tests to be performed at predetermined times.

Citations

20 Claims

1. A computer security system, comprising:
- a configuration/set-up module that operates under direction of a processor of a computer system and that identifies security critical files of the computer system;
  
  a directory checking module that operates under direction of the processor and that identifies unauthorized changes to the security critical files; and
  
  a user manager module that operates under direction of the processor and that identifies unauthorized access to the security critical files.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer security system of claim 1, further comprising an integrity checking module that operates under direction of the processor and that identifies one or more files stored in memory that correspond to one or more files in a database of known security threats.
  - 3. The computer security system of claim 2, further comprising a file removal module that operates under direction of the processor and that removes the files from the memory when corresponding to the files in the database.
  - 4. The computer security system of claim 1, the computer system comprising a data network.
  - 5. The computer security system of claim 4, further comprising a network checking module that operates under direction of the processor and that detects excessive system service use on at least one access port of the network.
  - 6. The computer security system of claim 1, further comprising a password checking module that operates under direction of the processor and that (a) tests the integrity of user passwords and (b) identifies weak user passwords.
  - 7. The computer security system of claim 1, further comprising a reporting module that operates under direction of the processor and that provides status information pertaining to the computer security system to a system administrator.
  - 8. The computer security system of claim 1, further comprising at least one graphical user interface through which a user may command the processor.
  - 9. The computer security system of claim 1, further comprising a file marking module that operates under direction of the processor and that facilitates selection or deselection of the security critical files.
  - 10. The computer security system of claim 1, further comprising a scheduling module that operates under direction of the processor and that facilitates execution scheduling of one or more of the modules.
  - 11. The computer security system of claim 1, the computer system comprising a UNIX server.

12. A software product comprising instructions, stored on computer-readable media, wherein the instructions, when executed by a computer, perform steps for identifying and removing unwanted users from computer resources, comprising:
- instructions for identifying security critical files;
  
  instructions for identifying unauthorized changes or unauthorized access to the security critical files;
  
  instructions for detecting excessive system service use;
  
  instructions for testing the integrity of user passwords or for identifying weak user passwords; and
  
  instructions for reporting the unauthorized changes, unauthorized access, excessive system service use or weak user passwords to a system administrator.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The software product of claim 12, further comprising instructions for identifying corrective measures.
  - 14. The software product of claim 13, further comprising instructions for initiating the corrective measures.
  - 15. The software product of claim 12, further comprising instructions for blocking the unauthorized changes, unauthorized access, excessive system service use or weak user passwords.
  - 16. The software product of claim 12, wherein the instructions for reporting further comprise instructions for displaying a result on a graphical user interface.

17. A method of analyzing and protecting the security of a local area network (LAN), comprising:
- directing a computer processor to execute a password checking module that carries out the steps of;
  
  retrieving user passwords from a database;
  
  comparing the user passwords to a word list;
  
  comparing the user passwords to pseudo words generated by a word filtering program; and
  
  identifying the user passwords that match the word list or the pseudo words as potential security threats.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising the step of notifying users who have selected the user passwords that are potential security threats.
  - 19. The method of claim 17, further comprising the step of removing access privileges from the users who have selected the user passwords that are potential security threats.
  - 20. The method of claim 17, further comprising the step of displaying a result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TVIIM LLC
Original Assignee
TVIIM LLC
Inventors
Reynolds, Kevin, Mavros, Cynthia, Knight, Eric, Zymbaluk, Greg, Hartley, Bruce V.

Application Number

US11/100,714
Publication Number

US 20050171737A1
Time in Patent Office

Days
Field of Search
US Class Current

702/186
CPC Class Codes

G06Q 30/06 Buying, selling or leasing ...

H04L 63/1433 Vulnerability analysis

Method and apparatus for assessing the security of a computer system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for assessing the security of a computer system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links