Skip to content
/ SHIPS Public
forked from trustedsec/SHIPS

The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support …

0 stars 42 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ZeldaElda/SHIPS

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
clients
clients
 
 
doc
doc
 
 
etc
etc
 
 
gems
gems
 
 
lib
lib
 
 
test
test
 
 
README.md
README.md
 
 
SHIPS.rb
SHIPS.rb
 
 
SQLiteIdentity.rb
SQLiteIdentity.rb
 
 

Repository files navigation

#Shared Host Integrated Password System Copyright 2016 Shared Host Integrated Password System (SHIPS)

Written by: Geoff Walton at TrustedSec

Company: TrustedSec

Please read the design and installation documentation located in the doc/ folder.

#What IS SHIPS?

SHIPS is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. SHIPS also attempts to address secure sharing of these accounts when they must be controlled by multiple parties. Client systems may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support personnel as required, or updated when a password has to be manually changed in the course of system maintenance. By having unique passwords on each machine and logging of password retrievals, security can be improved by making networks more resistant to lateral movement by attackers and enhancing the ability to attribute actions to individual persons.

When performing penetration tests, our common attack vector is through compromising one host and pivoting to other systems with the information obtained. It is common to see large-scale breaches utilizing this method and that is where SHIPS comes into play.

SHIPS is designed to make post-exploitation more difficult and minimize what systems attackers gain access to. Once SHIPS is set up, there isn’t much else that is needed and it’s simple to integrate into existing business processes.

ProjectGoals

A complete solution packaged as a single application which can be deployed on a variety of platforms.

Deployments should be simple to move or relocate (this may be required in disaster recovery situations).

Immediately useable with little or no training for support personnel.

Low resource consumption on server and clients.

Low impact on WANs.

Support a wide variety of clients.

Simple client protocol so various operating systems and devices can be integrated with the server through shell scripts and utilities such as cURL.

Simple to integrate with external directories or asset management tools.

Ability to easily script interaction with the server in order to facilitate system deployment processes, or integrate with other support tools.

For bug reports or enhancements, please open an issue here https://github.com/trustedsec/SHIPS/issues

Supported Server Platforms

  • Designed for Linux and OSX
  • Also works with Windows

Supported Client Platforms

  • Microsoft Windows (all versions)
  • Most Linux Distributions

About

The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support …

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • JavaScript 69.0%
  • Ruby 20.0%
  • HTML 7.1%
  • Visual Basic .NET 2.9%
  • Other 1.0%