Internet Security Scanner, description
Just in case you think your machine on the Internet is secure enough for remailers, storing private files, etc., here's the author's description from the source code shell archive as posted to comp.sources.misc. It would be a big confidence booster if remailer sites demonstrate that they have passed ISS and other Internet security tests.

----------------------

Internet Security Scanner (ISS) is one of the first multi-level security scanners available to the public. It was designed to be flexible and easily portable to many unix platforms and do its job in a reasonable amount of time. It provides information to the administrator that will fix obvious security misconfigurations. ISS does a multi-level scan of security, not just searching for one weakness in the system.

To provide this to the public or at least to the security-conscious crowd may cause people to think that it is too dangerous for the public, but many of the (cr/h)ackers are already aware of these security holes and know how to exploit them. These security holes are not deep in some OS routines, but standard misconfigurations that many domains on Internet tend to show. Many of these holes are warned about in CERT and CIAC advisories. This is the first release of ISS and there is still much room for improvement.

ISS is a project that I started as I became interested in security. As I heard about (cr/h)ackers breaking into NASA and universities around the world, I wanted to find out the deep secrets of security and how these people were able to gain access to expensive machines that I would think were secure. I searched Internet for relative information, such as Phrack and CERT advisories. Most information was vague and did not explain how intruders were able to gain access to most systems. At most the information told administrators to make password security tighter and to apply the vendor's security patches. They lacked real information on how an intruder would look at a site to try to gain access.

Having talked with security experts and reading CERT advisories, I started trying to look for various security holes within my domain. To my surprise, I noticed that many of the machines were adequately secured, but within a domain there remained enough machines with obvious holes that anyone who wanted into any machine could attack the weak 'trusted' machine and from there could gain access to the rest of the domain. From this project, I have not learned any new deep secret to cracking systems, but with the right tools that most domains on Internet are insecure. These holes will not be a surprise to any advanced intruder, but with this tool administrators will be able to quickly search for obvious holes and prepare to fix them.