MacAnalysis Security Auditing Tool for the Macintosh to check before Hackers

New Mac OS X version of MacAnalysis 2.2.4

MacAnalysis is a security auditing suite for your Macintosh to perform and help implement a security standard for your computer/network by performing a full security check of network protocols, open services, port scans, vulnerable CGI scripts and much more. There has never been such a complete package to help maintain a secure network by running security audits for the MacOS! This will scan your Macintosh, Unix, Windows, and Hardware for any vulnerable security holes!

macanalysis2T

What is security auditing? Quick and simple, security auditing is the act of testing the security to see how it stands up to potential intruders. SecureMac.com has always preached that to understand how to secure your computers better you must understand a little about hacking. Try to hack your own computers before the hackers do. With MacAnalysis you can test your computers to see how well they are secured or how easily they are hackable (:

By running MacAnalysis it will determine potential holes in the computer and with the results you may upgrade and fix the problem with the suggested solutions, if you are unsure of the procedure to do so you may contact your system administrator or other network/computer experts.

You will see below is the results of one of our scans to a remote host (note this host is not SecureMac.com so you do not need to run the tests against our servers!! )

Services/Protocols Holes

S_TELNET:23 is active (Risk: Low)
Resume: Uses insecure plaintext password authentication.
Vulnerable to brute-force password guessing
Fix: Use a tcp wrapper and compile a hosts.allow and hosts.deny file.

S_BIND:53 is active (Risk: Very High)
Resume: Your server respond to an IQUERY and NXT request, this vulnerability can lead to a root compromise
Fix: Restrict access to 53/tcp to local clients and nameservers.Restrict incoming traffic to nameservers to your local network.

S_LCONF:98 is active (Risk: High)
Resume: Several vulnerabilities exist in the linuxconf server
Fix: Disable the service or use a tcp wrapper and compile a hosts.allow and hosts.deny file.

S_WEB:80 is active (Risk: Very High)
Version: Apache 1.3.12

Info: Root Directory Disclosure Access Vulnerability
Resume: By performing a range of //// character, an attacker can lists directory contents.

S_IMAP:143 is active (RISK: Very High)
Resume: Vulnerable to a buffer overflows that can lead to a root compromise.
Uses insecure plaintext password authentication.
Fix: Upgrade to the lastest version, or disable the service.

S_RLOGIN:513 is active (Risk: High)
Resume: Vulnerable to .rhost, sniffing and brute force attacks.
Fix: Disable the service.
In some situations you will notice that even though MacAnalysis reports that you have a particular hole open it may not be vulnerable. MacAnalysis includes the feature to investigate particular vulnerabilities. By clicking on the “Tools” menu and going down to “Security Browser” you will be able to investigate and check further if your computer will actually give out any information that a hacker could use. The screenshot below pictures the Security Browser window running a security scan on SecureMac.com, the results show that the hole is NOT active and I do not have anything to worry about.

macanbrowserT

It is ideal to use the Security Browser window when checking for a particular program/port/service that might fall vulnerable. If SecureMac.com were to run nsf then the results could be very risky!

We have many servers we keep tabs on to make sure they are not susceptible to hacks or attacks. MacAnalysis has the feature to scan multiple servers and remember the addresses for future use.

quewelist

Many many security auditing features we can’t even cover in the review including brute forcing services to find vulnerable or easy crackable passwords!

MacAnalysis also includes a plethora of network information tools built in.

NSLookup
TraceIP
Whois
Ping
NameScan
Finger
PortScan
Reverse IP
Service Scan
Broadcast scan
System Information

The image shown is a broadcast scan in progress. We will scan a network to see if it has any open broadcast addresses. Broadcast addresses can be used by hackers to cause denial of service or DoS attacks against your network. Now you can research your own network/computers to make sure that your computer can’t be used in a DoS attack against other networks.

Network seem a little lagged? Someone might be packeting your network with ICMP packets which can cause your computer to lag offline or even crash! Keeping this utility open will help you solve the question if you are being attacked. Don’t sweat if it picks up a ICMP packet once in a while, those are common, but if it lights up for a long period of time add the ip address that it shows to your firewall if you find it appropriate (:

icmplog
Updates: Keeping up with all the updates and hacks can be time consuming, we still suggest you read all the security digests and bugtraq! MacAnalysis has the feature to update the vulnerability database on the fly by clicking on one button! You will soon have all the latest security additions for MacAnalysis. Did you know MacAnalysis currently checks for over 1000 vulnerabilities? Lagoon-Software says they add new vulnerability listings often to their database and to keep on updating!

databaseupdates

We have a computer dedicated to running security assessment tests for our networks. MacAnalysis has the option to loop the tests to they are constantly running. The logs of course are nice. One of the features that tickles me is the way it can contact you with the results.

securitycontact

Phones now a days except e-mail and other sorts of ways to contact. MacAnalysis will contact you by email, beeping or SMS (mobile phone) so you will always know what is going on with your computers!

Firewall

MacAnalysis for Mac OS X offers you everything you have been waiting from a Classic Firewall, and even more. it instantly enables you to prevent attacks which are intended to you by showing a security alert report. It also allows you to block specific protocols linked to Unix/NT/Mac Servers, Trojan, DOS attacks,etc.

The Firewall Detector runs a TCP/IP stacks monitoring’s system, allowing an optimal recognition of the attack intented to you. For example, MacAnalysis can detect if one person makes a traceroute towards you, sends fragmented packets in order to trick your system’s security, performs DoS attacks, exploits trojan virus via a backdoor etc.

Visual Traceroute

Basically, it’s a common traceroute function, but it has a fabulous look and style to help understand where the connections are from;it traces the path took by packets between 2 hosts by drawing lines on a world map.

General Info

MacAnalysis Mac OS X will show you general information from netstat, login, traffic reports and more giving you access to tons of information with a single click.

Now that you see how important this file is to you, feel free to download the time limited version. You may register online in seconds.

Downloads

MacAnalysis 2.1b PPC – Download Now!
MacAnalysis 2.1b PPC – SecureMac Mirror
OS X Version Here!
MacAnalysis 2.2.4 X [macanalysis.com]
MacAnalysis 2.2.4 X [securemac.com]

What Is New In MacAnalysis

Fixed a major bug in MacAnalysis’s launch.
Apple Airport are now supported
Added “Hide/Show” Main Window
Added “Auto Update”
Added “Content Filter”
It watch’s outgoing data and prevents unauthorized export of private info.
Improved “News” fetcher. Added date.
Improved the stop’s list of the Firewall.
Features added, bug fixed, reliability improved.
Added latest exploits, vulnerabilities.

Registering Online! To utilize the program to its fullest we suggest registering and it includes free updates.

Filed under Software