Son of Snoop on Steroids (SOSOS) is a computer hardware and software inventory program. It gathers over 220 pieces of information about computers and optionally stores this information in a database. It can be run locally or can be used by an administrator to scan a network.
SOSOS was designed to make the life of the System Administrator easier… many tools are available to gather data similar to SOSOS, but few allow you to automatically record the results into a database.
New: SOSOS is now available as a complete pre-compiled install package at the sister site: http://www.sosos.emmet-gray.com
SOSOS is still available as Visual Basic “source code”. That means that you can use Microsoft Visual Studio 2005/2008 to alter the program and recompile the source code to suit your needs. Luckily, Microsoft provides the Visual Basic Express Edition as a free download at http://www.microsoft.com/visualstudio/eng/products/visual-studio-express-products
SOSOS is completely free of charge. SOSOS and its source code is considered in the “public domain”. That means you can do anything you want with it, to include making money from it. There is no licensing requirement.
SOSOS gathers information about PCs including hardware information such as CPU, memory, hard drives, and serial numbers; software information such as operating system, installed software, and software components; configuration information such as IP address, running processes, desktop settings, and services; and security-related information such as shared resources, modems, account policies, security patches, and virus activity.
Note: SOSOS does not gather any personal information, look at emails, user documents, or track Internet activity.
SOSOS does not have a built-in database… instead it relies on a 3rd-party database application to store its information. A database is not absolutely required. However a lot of SOSOS functions are designed around a database and will be disabled when a database is not configured.
The SOSOS Suite
SOSOS is actually a suite of programs consisting of the following:
SOSOS – the main application (includes all of the features below)
RunSOSOS – a command-line version for unattended gathering of data
PollSOSOS – a command-line version for network scanning
ViewSOSOS – a read-only interface to SOSOS database
ConfigureSOSOS – a setup utility for the SOSOS suite
SOSOS.exe is the “main” application that may be the only application that’s required in a home or small office environment.
In the most common scenario for a corporate environment, the average user may never see the SOSOS program. The data from their PCs may be gathered by the RunSOSOS program which is designed by default to be “stealthy” and to be run during the login process with no user intervention.
Users can double-click on the SOSOS.exe program to manually scan their PC, save the data, print, or save a report. Administrators can do more…they can use SOSOS to poll remote PCs for their data.
The most common task in SOSOS is to collect data from the local PC. You perform this function by clicking on the Collect Data button (or from the File/Collect Data menu). The SOSOS screen will look like the following
Use of SOSOS Data
The true power of SOSOS is in the manipulation of the data that it collects. The collection of the data by itself isn't all that helpful... but the ability to write queries against the data is a very powerful tool. This ability to analyze the data is where SOSOS can save an organization time and money.Many people in our organization are able to use the data from SOSOS:
- IT staff can diagnose network configuration errors
- Security staff can track "points of entry" (modems, shares, abandoned PCs, etc).
- Property book staff can track serial numbers
- Budget staff can use it to help plan major upgrades
- Users can find a CD Burner, Zip drive, or color printer that they can use
Users think our IT staff is psychic, since we can often detect a problem before they are even aware that a problem exists. In other cases, when a user has a problem, we can remotely “snoop” their PC while they are on the phone.
When a new security concern is discovered, we quickly write a query against the SOSOS database or, if required, re-scan our PCs. SOSOS provides a way to answer questions such as:
- How many PCs are missing the latest security patch
- Who has dangerous/inappropriate/illegal software?
- Who has an "open" share on their PC?
- Who is getting errors in the Event logs?
- Who has an account with no password?
- Is everyone using an NTFS partition?
- What's the revision level of the anti-virus software?
- What's the date of the virus signatures?
- Who is getting virus activity?
SOSOS also provides an inventory tracking system that records the brand, model number, and serial number of their PC, and also video monitor and printer information. SOSOS provides a way to keep track of:
- Who has a CD burner, a DVD, a zip drive, etc.?
- How many copies of the licensed software are installed?
- What PCs need hardware upgrades, BIOS updates, etc.?
- Who is running low on disk space?
- What PCs need operating system/software upgrades?
- Who has a printer like mine? I need to borrow an ink cartridge.
- Hey! Where’d that PC go? (Track by serial number or MAC address)
In addition to the SOSOS suite, there are several other related programs that perform the following functions:
- AlertSOSOS Immediately notifies a list of staff members by instant message and email when conditions such as new virus activity or new disk shares are detected
- BackupSOSOS Archives SQL data into Microsoft Access files
- ErrorLogSOSOS Converts the text-based SOSOS Error Log File into a database
- MgmtConsoleSOSOS A GUI-based management console for SOSOS data
- ProcessSearch Searches the SOSOS database against a list of several hundred known spyware, adware, and Peer to Peer applications
- SoftwareSearch Similar to ProcessSearch, but searches Installed Software
Database Table Listing
The data is stored in the following 43 tables:
|Accounts||A listing of all local accounts|
|Admins||Members of the local Administrators group|
|AutoUpdate||Automatic Update settings|
|Components||Windows components (similar to installed software)|
|Desktop||User’s desktop (screen saver, wallpaper, etc.)|
|Devices||Listing of devices (similar to device manager)|
|Disks||Physical disk information|
|Drives||Logical drive information (drive letters)|
|User’s Microsoft Outlook settings|
|EventLogs||Event Log Entries|
|EventLogSettings||Settings for each Event Log|
|FileInfo||Information about an ad-hoc list of files|
|Internet||User’s Internet Explorer settings|
|Mapped||User’s mapped network drives and printers|
|Memory||Quantity and type of RAM|
|Monitor||Video Monitor information|
|NetAdapter||Network Interface Card (NIC) information|
|OS||Operating System details|
|PC||Miscellaneous PC information|
|Permissions||Permissions on network shares|
|Ports||Number and type of ports|
|Printers||Local and network printer information|
|Processes||List of running processes (similar to Task Manager)|
|Profiles||Listing of User Profiles (i.e. C:\Document and Settings)|
|QFE||Updates/Patches (QFE=Quick Fix Engineering)|
|Registry||Information about an ad-hoc list of registry keys|
|Services||List of Windows Services|
|Shares||Information about network shares|
|Software||Listing of installed software|
|SOS||Summary information (root of many tables)|
|Startup||User’s automatic startup applications|
|SystemDrivers||List of system drivers (useful in recovery console)|
|SystemInfo||System identification and serial numbers|
|Tasks||Listing of scheduled tasks|
|UserLogin||Record of every login|
|Video||Video card information|
|Virus||Norton Antivirus Corporate Edition logs|
Download the install package:
Download the complete VB.Net source for SOSOS: SOSOS_src.zip
Listing of Related Applications available for download
Visit the dedicated website for SOSOS: http://www.sosos.emmet-gray.com