THIS PAGE IS STILL
UNDER CONSTRUCTION

What is it?


Spinner is an attempt to speed the evaluation of some aspects of computer security
without sacrificing accuracy.

The idea goes something like this:

  • Most of the workstations in use at the moment are running some version of Microsoft Windows.
  • Most of the security settings on a Windows machine are located either in the registry, or
    in the Group Policy Objects (GPO) that are pushed down from the domain controller in an AD
    environment.
  • Windows Registry files tend to be rather large (1M lines is not uncommon).

Wouldn't it be great if there were an application that met the following criteria?

  • Parses Registry and GPO files fast, locating potential issues in the Registries
    and letting you know if those issues were already mitigated by the GPOs.
  • Doesn't waste your time with some pretty output that is ridiculously hard to
    copy and paste from.
  • Is not restricted to parsing only Registry / GPO files.
  • Is not restricted to a certain set of criteria with which to parse files.

I think so; that's why I'm writing it.



What does it look like?


[Screenshot: Cheesy Snapshot]

Action shots will arrive when I've had more than a week to work on it... Until then,
the two buttons within the Settings frame are what the user clicks on to browse over to
the file containing the criteria they will be using to evaluate their data, and the
directory that contains the data itself. Once the user provides these two pieces of
information, the icons on the buttons change to green checkmarks and Spinner will allow
evaluation of the data to begin.


How does it work?


Sort of like grep on a binge... You know what you're looking for (criteria); you know
where it is (data files) - you just need to speed the process a bit. Spinner takes the two
items just mentioned, pulls both of them into memory and 'spins' through them using an
implementation of multiple nested linked lists. Reading and writing to the disk is avoided
until most of the work is done - even the report is kept in memory until the evaluation is
complete.

Something that I consider important, despite it not making its way onto the primary criteria
list, is that Spinner does not - by design - work on an active registry. I feel that installing
new software on a system, thereby changing its configuration, is not the best way to evaluate
a system's configuration. Every version of Windows has the capability to export its Registry
to a text file, and in doing so, provide a snapshot of the system at a static point in time.
If you conduct vulnerability assessments, this gets to be a relatively important and
beneficial aspect of using a tool like Spinner.

To the user, Spinner should be extremely point-and-shoot. Spinner will look at every file
in the data directory specified, parsing what it understands and reporting what it doesn't. At
the moment, the way this happens is through a relatively simple 'fingerprint' process - Spinner
reads the first x number of characters from a file and compares them to character strings from
known filetypes. If it understands what it's seeing, it will assign the correct parsing engine
and happily give your processor a bit of a workout. If it doesn't understand what it's seeing,
it will report its confusion and continue parsing what it can. At this point, the user can
start parsing by hand, or send me a sample of the data they're picking through. I'll write a
parsing engine at a speed determined by the following equation:

spinner coding = (free time / (family + job)) * monetary donation
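
The fingerprint step described above, sketched in Python as an added example (this is not Spinner's own code). The two signatures are the header lines regedit writes to exported .reg files; HEAD_LEN, the function names and the sample data are assumptions made for illustration, and the parser handles single-line named values only.

```python
import codecs

# Header lines written by regedit to exported .reg files.
SIGNATURES = {
    "Windows Registry Editor Version 5.00": "reg5",  # UTF-16LE export with BOM
    "REGEDIT4": "reg4",                              # ANSI export
}
HEAD_LEN = 128  # the "first x characters" read from each file (assumed value)

def decode(raw):
    """Decode file bytes; version 5 exports are UTF-16LE with a byte order mark."""
    if raw.startswith(codecs.BOM_UTF16_LE):
        return raw[2:].decode("utf-16-le", errors="ignore")
    return raw.decode("latin-1")

def fingerprint(raw):
    """Return the parser name for a known file type, or None if unrecognised."""
    text = decode(raw[:HEAD_LEN]).lstrip()
    for signature, parser in SIGNATURES.items():
        if text.startswith(signature):
            return parser
    return None

def parse_reg(raw):
    """Yield (key, value_name, data) for each single-line named value."""
    key = None
    for line in decode(raw).splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and line.startswith('"') and '"=' in line:
            name, data = line[1:].split('"=', 1)
            yield key, name, data

def evaluate(files):
    """Parse every recognised file; map unrecognised ones to None for the report."""
    return {name: list(parse_reg(raw)) if fingerprint(raw) else None
            for name, raw in files.items()}

# Constructed sample data standing in for the data directory.
SAMPLES = {
    "ws01.reg": codecs.BOM_UTF16_LE + (
        "Windows Registry Editor Version 5.00\r\n\r\n"
        "[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa]\r\n"
        "\"restrictanonymous\"=dword:00000000\r\n").encode("utf-16-le"),
    "old.reg": b"REGEDIT4\r\n\r\n[HKEY_LOCAL_MACHINE\\Software\\Example]\r\n\"Flag\"=\"1\"\r\n",
    "notes.bin": b"\x00\x01\x02 unknown format",
}
if __name__ == "__main__":
    for name, values in evaluate(SAMPLES).items():
        print(name, "unrecognised, parse by hand" if values is None else values)
```

Files that match no signature are reported rather than skipped silently, so an assessor knows which exports were never evaluated.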


Where do I get it?


Eventually, from the Spinner Project Page. For the moment, however, there's always CTRL + F.


To whom do I complain?


Me. At the moment, I'm keeping myself somewhat occupied with career, family and coding the
beta version of this thing. That said, after I release the first attempt, I would appreciate
sample files of any data you would like Spinner to parse.

Thank you for visiting,
- nemo

