Daniel Vukelich - MITRE Corporation"
Students: Spring 2022, unless noted otherwise, sessions will be virtual on Zoom.
The MITRE Network Security Assessment Toolkit
Apr 17, 1998
AbstractMITRE's enhanced version of SATAN includes the integration of MERLIN, automated remote execution of host-based probes (Tiger, etc.), in-line password cracking, network services detection, and the addition of new vulnerability probes (NetBIOS, NIS, etc.). A prototype version has been ported to Windows/NT, using Microsoft Explorer as the Browser-based GUI. E-SATAN/NT includes the original UNIX-based probes as well as additional probes to assess the vulnerability of Windows/NT machines.
MITRE has enhanced TKINED with automated SNMP browsing, has added a filtering router policy enforcement query interface, and has developed a "backdoor connection identification" capability to identify modem pools and routes to external networks. E-TKINED also features a passive discovery mechanism, which allows discovery of hardware nodes without the noise and bandwidth intensiveness associated with active discovery mechanisms.
The Firewall Test Tool (FTT) was developed to do independent testing on a firewall security policy primarily because the security policies can be quite complex. As a result, configuring an ordered set of rules to enforce such a policy is not a trivial task and is prone to configuration errors. FTT can be used to conduct testing of firewalls prior to installation to ensure correct configuration of the rules and to help maintain the firewall's configuration.
About the Speaker
Daniel F. Vukelich received his B.S. in Computer Science in 1983 from Arizona State University. Mr. Vukelich has fifteen years of experience in UNIX internals, computer networking, and information security. Mr. Vukelich is the manager of security tools development and during his tenure with The MITRE Corporation in Bedford, MA, he has lead the development of tools to facilitate the assessment of enterprise security posture. Mr. Vukelich is currently interested in integrating network management with security management in providing a cohesive view of network status. Mr. Vukelich can be contacted by e-mail at "firstname.lastname@example.org." or by phone at (781) 271-2943.