Hello.
COPS is a bunch of "batch" programs that check the
integrity of the system and files. COPS is not a real-time scanner
of network packets--at least the version I have.
I am not sure how cops is distributed these days--I am using version 104
(I did not go check the dist site to see if it is a "tar" file or "shar" file).
If the file is called "something.shar" it is probably a "shar" file
(SHell ARchive).
You need to make a directory somewhere
you want the COPS sources to be placed, change to that directory,
put your cops shar file in that directory, then
tell the shell to run (interpret) the shar file: "sh cops.shar".
Once unarchived, find the README files, and read them. The documentation is
good and should answer most questions about the COPS software.
Next, go to the "docs" directory and find more "readme" files.
The "ascii" files are shell scripts. They are source programs that get
run (interpreted) by the "sh" or "csh", or "perl", or whatever is specified
in the first line of the file.
Review the "makefile" to see how things are made, and where things get
installed.
Make changes to the various files to reflect your system configurations
and the cops programs to be run.
Once you understand what it can do for you (the README and docs files),
you can better determine if it will solve the particular security issue
you want to address.
Steve Freyling
Secure Computer Communications, Inc.
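
Since "sh cops.shar" executes the archive as a shell script, it helps to see which files it will write before running it. The following is an added example, not part of the original message or the COPS distribution; `shar_preview` and `shar_demo` are hypothetical names, and it assumes the archive writes each file through a redirected here-document.

```shell
#!/bin/sh
# Added example: preview a shar archive without executing it.
# Assumption: each file body is a here-document on a command whose output is
# redirected, e.g.  sed 's/^X//' > 'README' << 'SHAR_EOF'

# shar_preview FILE: print "ok NAME" or "UNSAFE NAME" for every file the
# archive would write; exit status 1 if a target leaves the current directory.
shar_preview() {
    awk '
    in_doc { if ($0 == delim) in_doc = 0; next }    # skip file bodies
    /<</ {
        # here-document delimiter: the word after <<, quotes removed
        delim = $0
        sub(/.*<<-?[ \t]*/, "", delim)
        sub(/[ \t>;&|].*/, "", delim)
        gsub(/[\047"]/, "", delim)
        in_doc = 1
        # redirect target: the word after the first > on the command line
        if (match($0, />+[ \t]*[^ \t<>&|;]+/)) {
            t = substr($0, RSTART, RLENGTH)
            sub(/^>+[ \t]*/, "", t)
            gsub(/[\047"]/, "", t)
            if (t ~ /^\// || t ~ /(^|\/)\.\.(\/|$)/) { print "UNSAFE " t; bad = 1 }
            else print "ok " t
        }
    }
    END { exit bad + 0 }' "$1"
}

# shar_demo: run the preview on a small constructed archive (sample data only).
shar_demo() {
    demo=$(mktemp) || return 2
    cat > "$demo" <<'DEMO'
#!/bin/sh
sed 's/^X//' > 'README' << 'SHAR_EOF'
XThis body line has > and << in it.
SHAR_EOF
sed 's/^X//' << 'SHAR_EOF' > '../outside'
Xbody
SHAR_EOF
cat > /tmp/absolute << EOF
body
EOF
DEMO
    rc=0
    shar_preview "$demo" || rc=$?
    rm -f "$demo"
    return $rc
}
```

The preview only lists here-document targets; commands elsewhere in the archive still need to be read before running it.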