Review of MacAnalysis

By: James Reynolds - Revised: 2006-06-15 devin

Introduction

An overview of MacAnalysis, a network security application.


What is MacAnalysis?

MacAnalysis is a security auditing and cracker-prevention application. It tests a server against more than 1300 known vulnerabilities and gives a detailed report of any issues. The vulnerabilities are kept in a database that can be updated to include new ones, typically 100 entries a month. It also has a firewall that watches for the same vulnerabilities the scanner tests for.

MacAnalysis can be scheduled to periodically check servers and can alert sysadmins of problems by SMS (Mobile Phone), email or by an audible alert.

Its tools and features include NSlookup, System Information, NetStat, Finger, Whois, ReverseIP, Port Scan, Services Scan, Name Scan, Traceroute, Looking Glass Features, OS Fingerprinting, POP3/SMTP/FTP Brute Force, Nph-Browser, Proxy Support, Network Info, ICMP logger, Full Featured Firewall, IP Monitoring, DUP Broadcast Scanner, Telnet client, Buffer Overflows, etc.

It also includes a dictionary of technical words and has a "security news" option that downloads the latest security news from various websites.

MacAnalysis boasts customers from the armed services, the government, and large corporations. It has also received top awards from many organizations. See the MacAnalysis homepage for more information.

Note: it is recommended that you only use MacAnalysis on servers that you own since it will not try to hide its tracks like typical cracker software. In other words, you will get noticed very fast if you scan www.apple.com for vulnerabilities...

System Requirements

Classic:
  • Any Macintosh with System version 8.6 or higher installed
  • An internet connection
  • Minimum 8 MB of free RAM
OS X:
  • Any Macintosh with System version 10.0.3 or higher installed
  • An internet connection

Daemons and servers

MacAnalysis tracks not only a particular daemon but each version of that daemon (v1.0 vs v1.2). Some of the daemons that MacAnalysis includes in its database:

Mail (smtp, pop3):
  • Sendmail
  • SLMail
  • VopMail
  • InFusion
  • Emurl Communigate
  • IMail
  • Eudora
  • MailMax
  • Internet Anywhere
  • Netscape Messaging
  • Microsoft Exchange
  • 602Pro LAN Suite
  • DMail
  • Mercury
  • Internet MailBridge
  • FTGate
  • Merak
  • Starnine Mail Server
  • Nu-Mail
  • NTMail
  • Post Office
Web (www):
  • Apache
  • IIS
  • Netscape Enterprise
  • RapidSite
  • WebStar
  • OmniHTTPd
  • NCSA Httpd
  • Microsoft Personal Web Server
  • iServer
  • JigSaw
  • GoAhead
  • Avenida
  • BadBlue
  • Alibaba
  • StrongHold
  • Sambar Server
  • MacOS X server
  • Roxen WebServer
  • Domino
  • Zeus Web Server
Ftp:
  • Wu_Ftpd
  • FtpMax
  • Serv-u
  • WFTPD
  • WS_FTP
  • ZBServer
  • Guild FTPd
  • Rumpus
  • Microsoft
  • Shambala
  • BisonWare

Some of the operating systems that MacAnalysis has in its database include:
  • A/UX
  • HP-UX
  • IBM AIX
  • OpenVMS
  • OSF/1
  • QNX
  • ReliantUnix
  • SCO OpenServer
  • IRIX
  • Solaris
  • SunOS
  • Ultrix
  • UnixWare
  • MacOS
  • MacOS X
  • BSDi
  • FreeBSD
  • Linux
  • OpenBSD
  • Solaris
  • Windows
  • AS/400
  • BeOS
  • OS/2
  • OS/390
  • Lynx
  • Novell NetWare

MacAnalysis in Action

Below I check the vulnerabilities on my machine. Only a visible folder, which doesn't matter. Yeah Mac OS X!


Here are the shortcuts to the various tools.


Firewall

These are some of the firewall configuration options.




Domain tool

The following is an example of the domain tools.



Notice the red dot on the map? This would be really good for those cyber crime movies (or sysadmins who are looking for some excitement in their life) but it needs a full screen map.


IP tools

Scanning my computer again.


Looking up Apple.


Username/Password

Dangerous stuff here.