05892903 is referenced by 438 patents and cites 9 patents.

A system and method is disclosed for detecting security vulnerabilities in a computer network. The system includes an IP spoofing attack detector, a stealth port service map generator, a source port verifier, source routing verifier, an RPC service detector and a Socks configuration verifier. Each of these verifiers may be operated separately or as a group to detect security vulnerabilities on a network. Each verifier may be programmed to exhaustively test all ports of all computers on a network to detect susceptibility to IP spoofing attacks, access to services with little or no authorization checks or misconfigured routers or Socks servers. The detected vulnerabilities or the location of services having little or no authorization checks may be stored in a table for reference by a network administrator. The service map generated by the stealth service map generator may be used to identify all service ports on a network to facilitate the operation of the other verifiers which send service command messages to service ports to detect their accessibility. A graphic user interface (GUI) may be used to provide input and control by a user to the security verifiers and to present options and display information to the user.

Title
Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
Application Number
8/710162
Publication Number
5892903
Application Date
September 12, 1996
Publication Date
April 6, 1999
Inventor
Christopher W Klaus
Atlanta
GA, US
Agent
Morris Manning & Martin L
Assignee
Internet Security Systems
GA, US
IPC
G06F 11/00
View Original Source