The MITRE Network Security Assessment Toolkit
Daniel Vukelich - MITRE Corporation"
Apr 17, 1998
AbstractMITRE's enhanced version of SATAN includes the integration of MERLIN, automated remote execution of host-based probes (Tiger, etc.), in-line password cracking, network services detection, and the addition of new vulnerability probes (NetBIOS, NIS, etc.). A prototype version has been ported to Windows/NT, using Microsoft Explorer as the Browser-based GUI. E-SATAN/NT includes the original UNIX-based probes as well as additional probes to assess the vulnerability of Windows/NT machines.
MITRE has enhanced TKINED with automated SNMP browsing, has added a filtering router policy enforcement query interface, and has developed a "backdoor connection identification" capability to identify modem pools and routes to external networks. E-TKINED also features a passive discovery mechanism, which allows discovery of hardware nodes without the noise and bandwidth intensiveness associated with active discovery mechanisms.
The Firewall Test Tool (FTT) was developed to do independent testing on a firewall security policy primarily because the security policies can be quite complex. As a result, configuring an ordered set of rules to enforce such a policy is not a trivial task and is prone to configuration errors. FTT can be used to conduct testing of firewalls prior to installation to ensure correct configuration of the rules and to help maintain the firewall's configuration.
About the SpeakerDaniel F. Vukelich received his B.S. in Computer Science in 1983 from Arizona State University. Mr. Vukelich has fifteen years of experience in UNIX internals, computer networking, and information security. Mr. Vukelich is the manager of security tools development and during his tenure with The MITRE Corporation in Bedford, MA, he has lead the development of tools to facilitate the assessment of enterprise security posture. Mr. Vukelich is currently interested in integrating network management with security management in providing a cohesive view of network status. Mr. Vukelich can be contacted by e-mail at "firstname.lastname@example.org." or by phone at (781) 271-2943.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.