Security analysers: administrator assistants or hacker helpers?

Security analyser tools provide a means of automatically identifying, and potentially exploiting, vulnerabilities within computer systems and networks. Although such tools are useful to system administrators, in order to highlight and overcome weaknesses in protection, they are also of assistance to hackers looking for ways to break in. The paper highlights the range of tools that are currently available (and of potential use to both audiences) and considers the extent to which each group is likely to benefit from them in practice. It is considered that the ease of use of tools such as Back Orifice 2000 provide a means by which even the relatively unskilled hacker may inflict damage upon a system. Although it can be argued that the tools are generally equally available to hackers and administrators, the hacker community is likely to be more aware of the opportunities available. Even where they are aware of the existence of particular tools, survey results presented in the paper indicate that system administrators make relatively limited use of them. Factors that may account for this include their overall workload and lack of security awareness. Appropriate countermeasures can be identified to combat the individual categories of tool, but the problem of ensuring that these safeguards are implemented still remains.