The Host-Oriented Security Test Suite (HOSTS)
Publication Date: 2002-Jun-13
The IP.com Prior Art Database
Hosts is a portable test utility tool. HOSTS automates many aspects of security testing. It is interactive or standalone. It is flexible and easily customizable. It uses Perl and Common Perl Modules.
The Host-Oriented Security Test Suite (HOSTS) is an interactive utility that automates many aspects of security testing performed within the Unix environment. The HOSTS utility empowers the tester to snapshot a candidate system to determine how securely the system has been configured. By using HOSTS as part of the security evaluation process, a level of consistency and repeatability in testing is readily and rapidly achieved. An additional benefit is a reduction in the probability for operator-induced errors, which can skew the test results. These benefits are achieved along with a reduction in both the amount of time and level-of-effort required to perform the actual testing. For example, utilization of HOSTS by one DOD program reduced testing manpower needs by almost 70% (from 2 weeks to 3 days) while simultaneously increasing requirement coverage.
HOSTS can be used to create and maintain a security profile of a target system’s operating environment. While this utility was originally designed for use in evaluating implementation compliance with the Defense Information Infrastructure (DII) Common Operating Environment (COE) Security Requirements Specification (SRS), it can be easily adapted for compliance evaluation against other security specifications. The HOSTS utility has been written using Perl 5.005 and the Bourne shell. It has also been used under later versions of Perl. Test cases have been developed for exercising Sun Microsystems’ SunOS 5.8 and Red Hat’s Linux 7.2...