Review of MacAnalysis
By: James Reynolds - Revised: 2006-06-15 devin
Introduction
An overview of MacAnalysis, a network security application.
What is MacAnalysis?

MacAnalysis is a security auditing/cracker prevention application. It uses more than 1300 known vulnerabilities to crack a server and gives a detailed report of any issues. It uses a database that keeps track of vulnerabilities. The database can be updated to include new vulnerabilities, typically 100 entries a month. It also has a firewall that watches for the same vulnerabilities it uses to hack.
MacAnalysis can be scheduled to periodically check servers and can alert sysadmins of problems by SMS (Mobile Phone), email or by an audible alert.
It can perform NSlookup, System Information, NetStat, Finger, Whois, ReverseIP, Port Scan, Services Scan, Name Scan, Traceroute, Looking Glass Features, OS Fingerprinting, POP3/SMTP/FTP Brute Force, Nph-Browser, Proxy Support, Network Info, ICMP logger, Full Featured Firewall, IP Monitoring, DUP Broadcast Scanner, Telnet client, Buffers Overflow, etc...
It also includes a dictionary of technical words and has a "security news" option that downloads the latest security news from various websites.
MacAnalysis boasts customers from the armed services, the government, and large corporations. It has also received top awards from many organizations. See the MacAnalysis homepage for more information.
Note: it is recommended that you only use MacAnalysis on servers that you own since it will not try to hide its tracks like typical cracker software. In other words, you will get noticed very fast if you scan www.apple.com for vulnerabilities...
System Requirements
Classic:
- Any Macintosh with System version 8.6 or higher installed
- An internet connection
- Minimum 8 Mb of free RAM
OS X:
- Any Macintosh with System version 10.0.3 or higher installed
- An internet connection
Daemons and servers
MacAnalysis not only tracks a particular daemon, but all versions of the daemon (v1.0 vs v1.2). Some daemons that MacAnalysis includes in its database:
Mail (smtp, pop3):
- Sendmail
- SLMail
- VopMail
- InFusion
- Emurl Communigate
- IMail
- Eudora
- MailMax
- Internet Anywhere
- Netscape Messaging
- Microsoft Exchange
- 602Pro LAN Suite
- DMail
- Mercury
- Internet MailBridge
- FTGate
- Merak
- Starnine Mail Server
- Nu-Mail
- NTMail
- Post Office
Web (www):
- Apache
- IIS
- Netscape Enterprise
- RapidSite
- WebStar
- OmniHTTPd
- NCSA Httpd
- Microsoft Personal Web Server
- iServer
- JigSaw
- GoAhead
- Avenida
- BadBlue
- Alibaba
- StrongHold
- Sambar Server
- MacOS X server
- Roxen WebServer
- Domino
- Zeus Web Server
Ftp:
- Wu_Ftpd
- FtpMax
- Serv-u
- WFTPD
- WS_FTP
- ZBServer
- Guild FTPd
- Rumpus
- Microsoft
- Shambala
- BisonWare
Some of the operating systems that MacAnalysis has in its database include:
- A/UX
- HP-UX
- IBM AIX
- OpenVMS
- OSF/1
- QNX
- ReliantUnix
- SCO OpenServer
- IRIX
- Solaris
- SunOS
- Ultrix
- UnixWare
- MacOS
- MacOS X
- BSDi
- FreeBSD
- Linux
- OpenBSD
- Solaris
- Windows
- AS/400
- BeOS
- OS/2
- OS/390
- Lynx
- Novell NetWare
MacAnalysis in Action
Below I check the vulnerabilities on my machine. Only a visible folder, which doesn't matter. Yeah Mac OS X!
Here are the shortcuts to the various tools.
Firewall
These are some of the firewall configuration options.
Domain tool
The following is an example of the domain tools.
Notice the red dot on the map? This would be really good for those cyber crime movies (or sysadmins who are looking for some excitement in their life) but it needs a full screen map.
IP tools
Scanning my computer again.
Username/Password
Dangerous stuff here.