Content Navigation footer

LOCUM

Software Services Limited

SafeSurvey

Link to Home Page

Link to Sitemap

Link to News

Link to Product Downloads

Link to Computer Auditing

Link to Product Information

Link to Product Release Levels

Link to Services

Link to Contacts

Link to Frequently Asked Questions

Link to Company Profile

Link to Product Resellers

Link to Escrow Agreement

 

 

Download the latest release of SafeSurvey. 42.7Mb

 

Download the latest release of SafeSurvey

 

Information: This release contains SafeSurvey Host v.11.35.158 and SafeSurvey Client v. 11.35.165.

Release Date: 22nd November 2007

Documentation: SafeSurvey Feature Sheet 18Kb; SafeSurvey Host User Manual 802Kb; SafeSurvey Client documentation is included in the Software.

Licensing: You can install SafeSurvey Host on MCP systems and run it in summary mode without a license. You must have SafeSurvey Host installed in order to be able to run SafeSurvey Client on PC systems. If you want to explore SafeSurvey's full reporting capacity, please contact Locum by telephone (+44 (0) 114 276 7609), or e-mail.

 

Download the latest version of SafeSurvey Host. 303Kb

 

Download the latest update to SafeSurvey

 

Information: This release contains SafeSurvey Host v.11.35.158 only.

Release Date: 22nd November 2007

Documentation: SafeSurvey Host User Manual 802Kb.

 

SafeSurvey is Locum's ClearPath MCP system security penetration utility which provides Security Administrators and Company Auditors with a series of detailed reports which analyse and highlight areas where systems may be at risk. Running SafeSurvey on a regular basis helps to keep you informed of the current status of the security environment on each system.

SafeSurvey comes in two parts. SafeSurvey Host runs on ClearPath MCP systems. SafeSurvey Client runs on PCs and provides an easy, user-friendly way for you to access SafeSurvey Host from your PC and create reports and graphs.

Key Features

  • Userdatafile analysis
  • Password penetration tests
  • Coms Cfile analysis
  • System configuration analysis
  • Disk file analysis
  • User-friendly reports

 

Userdatafile Analysis

The purpose of this test is to analyse the Userdatafile definitions highlighting usercodes with special privileges and investigating the use of security-related usercode attributes. The following information is reported:

  • Userdatafile statistics
  • Usercode privileges
  • Use of security-related attributes
  • Remoteuser definitions

The Usercode Privileges report analyses the allocation of Secadmin, PU, SystemUser, ComsControl, CandeControl and (for InfoGuard installations) Granulated privileges.

Included in the analysis of Security-Related Attributes is the use of Identity, NoDefaultUse, ComsOnlyLogon, ViolationLimit and (for Safe & Secure installations) NoLogon and SessionLimit.

The analysis of RemoteUser Definitions is particularly useful to identify LocalAliases with special privileges and the use of *AnyHost and *AnyUser definitions.

 

Password Penetration Tests

The favourite pastime of computer hackers is to challenge access to systems by guessing User-id passwords. SafeSurvey performs a number of tests on each password to determine the ease by which an unwelcome user may gain access to the system. SafeSurvey performs the following checks:

  • Usercodes or accesscodes with NO passwords
  • Usercodes or accesscodes where the password is identical to the usercode/password name
  • Usercodes or accesscodes with an easy-to-guess password
  • Usercodes with multiple passwords

When looking for easy-to-guess passwords, SafeSurvey will check the password against a list of popular words and names, repeated character strings and character sequences.

 

COMS Cfile Analysis

The COMS Cfile Analysis report is particularly useful to identify both obsolete usercode entries and 'hidden' privileges contained in program and station definitions. The following reports are produced:

  • COMS Cfile statistics
  • Userdatafile/COMS Cfile compatibility check
  • COMS Cfile Program definitions analysis
  • COMS Cfile Station definitions analysis
  • Default Definition analysis

The Userdatafile/Coms Cfile Compatibility Check compares the usercode entries contained in the Userdatafile and Coms Cfile and produces a list of incompatible usercodes.

The Coms Cfile Program and Station Definitions analysis identifies usercodes with privileges which have been used as program or station default usercodes.

The Default Definition report displays the attributes setting for default user, station, window and program definitions.

 

System Configuration Analysis

SafeSurvey interrogates and displays the settings of all relevant system options and settings including:

  • MCP Runtime options
  • SECOPT options (including InfoGuard options)
  • TCP/IP security settings
  • MCS status information

 

Disk File Analysis

SafeSurvey undertakes an analysis of the entire Disk subsystem and produces a report which identifies the following characteristics:

  • Codefiles with special privileges
  • Codefiles with operational privileges
  • Public codefiles and datafiles

Included in the Codefile with Special Privileges analysis is Secadmin, PU, Tasking, and Compiler codefiles (plus transparent variations).

The Codefile with Operational Privileges analysis includes Control, Suppressed, Resident, Restricted and Locked codefile.

 

User-Friendly Reports

SafeSurvey produces a number of reports in a clear, concise and non-technical format. The Security Administrator has the option of printing ALL the reports or a selection of reports. The reports may be sent to a diskfile or to a printer. If the reports are sent to a diskfile, they will be in text format so that they can be easily transferred to a PC and incorporated into a spreadsheet application.

 

 

The page was last updated on the 29th November 2007.