dale@laidbak.UUCP (Dale A. Moir) (07/21/88)
Announcing: The LAI Security Audit, Release 2.0
Now available from Lachman Associates, Inc. - the latest release of the
LAI Security Audit. This updated release of the LAI Security Audit
reflects LAI's continuing commitment to providing the most comprehensive,
up-to-date UNIX security system available.
The Security Audit was first introduced in 1986, offering a wide range
of features aimed at detecting and preventing system vulnerability,
intruder access, and malicious user activity. In Release 2.0, LAI has
added the following new capabilities:
* Support of HoneyDanBer uucp in the Network Access Check
* A Terminal Idle Check, to address physical security issues
* Additional checking for Common Security Bugs - as reported in
various trade journals, electronic news articles, etc.
* Enhanced reporting facilities, to simplify corrective maintenance
* Enhanced configuration facilities, to simplify set-up and support
In addition, all of the original features are still fully supported -
many with enhancements, including:
* The System File Check - verifying that critical system files have
not been tampered with, and are not vulnerable to modification
* The User File Check - verifying that user files are not vulnerable,
and that users are not maintaining illicit copies of system files
* Password Guessing - attempting to find easily guessed passwords
through methods similar to those which an intruder might use
(NOTE: LAI has never installed a Security Audit without at least
one "hit" in the password guessing portion of the audit)
* Uucp security checking - insuring that your system is not vulnerable
to attack via network connections (Original and HoneyDanBer uucp
implementations are supported)
* The User Environment Check - verifying that your user's login
environments do not leave them vulnerable to attack from trojan
horses, malicious users, or intruders.
* Custom Configuration - each system can be custom configured to meet
individualized security goals. Any level of system security can
be maintained, depending on the needs of the administrator.
The entire LAI Security Audit system is written in highly portable "C"
source code. The product is compatible with most versions of the UNIX
operating system, including System V and 4.2/4.3BSD - there is even an
NFS-specific version available for systems supporting Network File Sharing.
The LAI Security Audit is shipped in source code format, with a complete
User's Guide, and a 30-day warranty. Ongoing annual support may be
purchased at the end of the warranty period. Substantial discounts for
multi-machine licenses are also available.
For further technical and/or pricing information, please contact:
Dale A. Moir
Lachman Associates, Inc.
1901 N. Naper Blvd.
Naperville, Illinois 60540
Outside of Illinois: 1-800-LAI-UNIX, x384
Within Illinois: (312) 505-9100, x384
Telefax: (312) 505-9133