nss is a perl script that scans either individual remote hosts or entire
subnets of hosts for various simple network security problems.  The
majority of the tests can be performed by any non-privileged user on a
typical Unix machine.  The only test currently being performed that
requires root privileges is the check for a bad hosts.equiv file.  This
test requires that a fake username (e.g., bin) be fed into rexec.

Ethical (and possibly legal) concerns limit the tests that nss will run.
nss will not create any files on remote machines nor will it run any non-
trivial programs on remote machines.  

The only non-standard external program it invokes is ypx, a program that
attempts to download the password map from a NIS server.  ypx was posted
in comp.sources.misc and in archived in volume 40.

nss also requires the ftplib.pl package if you are running perl version
4.x. ftplib.pl is available from several perl archives such as
ftp://anubis.ac.hmc.edu:/pub/perl/library/ftplib.pl.gz

This program was developed on a DECstation 5000 running Ultrix 4.4.  It
has had superficial portability checks made under SunOS 4.1.3 and Irix 5.2
but extensive work has not been performed from those platforms.

Copyright 1995 by Douglas O'Neal

Everyone is granted permission to use and distribute this program provided
that this copyright notice is retained in all copies distributed.
Inclusion of this software in any commercial product without the express
permission of the author is prohibited.

This software is provided "as is" and without any express or implied
warranties including the implied warranties of merchantibility and
fitness for any particular purpose.

In no event shall the authors or contributors be liable for any direct,
indirect, incidental, special, exemplary, or consequential damages arising
out of the of this software.

Written by: Douglas O'Neal
            Doug.ONeal@jhu.edu
