Re: Linux free software auditing

[Mauro Flores <almauri () cs com uy>]

Ups! Now I'm reading the second part of your mail (sorry, I'm doing
multitasking here :).
I don't know any good tool to analyze software security, when I have to
do that kind of work I basically do this:
- Build a fast schema of the objects/functions dependencies and
  functionalities identifien the critical ones for the object of the
  job.
- Run some grep/perl script to find all the syscalls, socket, critical
  identified funcions, etc lines inside the code and then I analyze the
  context of that calls.

Is a hard work and takes time. For the binary part, you can use a hash
check (SHA-1, etc) or something like that if you have a trusted binary.
If not, you can run the code in some kind of sandBox or debugger that
brakes avery time a defined syscall is called and analyze the excecution
context... this is not a "complete" method, I mean, maybe some malicious
behavior can escape to this kind of analize.
Another way is to unassemble the code and apply a source code analyze to
that... If you're going to do that, I recomend you a good deal of
beer... trust me, you'll need it :)

regards, Mauro Flores

On Wed, 2005-08-31 at 12:52 +0000, anceky () yahoo com br wrote:
> Can anyone tell me some references (sites, articles) about Linux free software auditing ?
>
> I need procedures, tools, tips to analyse the software security (source and binary format) and avoid malicious 
> behaviour like not authorized network connections, suspect syscalls, ... 
>  
> Thanks.