From owner-freebsd-hackers Fri Apr 18 08:46:01 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id IAA12977 for hackers-outgoing; Fri, 18 Apr 1997 08:46:01 -0700 (PDT) Received: from coven.queeg.com (queeg.com [204.95.70.218]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA12957; Fri, 18 Apr 1997 08:45:49 -0700 (PDT) Received: (from brion@localhost) by coven.queeg.com (8.8.5/8.8.4) id IAA25067; Fri, 18 Apr 1997 08:44:47 -0700 (PDT) Date: Fri, 18 Apr 1997 08:44:47 -0700 (PDT) Message-Id: <199704181544.IAA25067@coven.queeg.com> From: Brion Moss To: The Hermit Hacker Cc: "Serge A. Babkin" , khetan@iafrica.com, security@freebsd.org, hackers@freebsd.org Subject: Re: SATAN under FreeBSD In-Reply-To: References: <199704111311.TAA06060@hq.icb.chel.su> Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Check out "The Admin Guide to Cracking, by the people who brought you Satan. It's at ftp://ftp.win.tue.nl/pub/security/index.html, along with a lot of other good stuff. AUSCERT has a security checklist that you can go through. There's a better checklist in _Practical_UNIX_And_Internet_Security_, from O'Reilly. -Brion The Hermit Hacker writes: > On Fri, 11 Apr 1997, Serge A. Babkin wrote: > > > > > Or just set in the options that the .pl suffix means a HTML file. > > > > It worked great for me. The only problem is that I found > > > > absolutely no usefulness in SATAN. The "holes" it reported > > > > about were so idiotic. > > > > > > > Any useful resources that I can look through on how to debug > > > things? For instance, one of the machines at the office is an old > > > Altos machine running 'Sendmail 5.59/Altos-2.0 ready'...I'd like to be > > > able to test that one for any holes. > > > > I awaited a like thing from SATAN too. But almost all it did was analysing > > the NFS exports :-( > > Looking at the work on SATAN, and what it was trying to address, > why isn't there a list compiled of 'how to break into an insecure system'? > Something that a system adminstrator could sit down and go through, one by > one, to test their systems? > > One of the 'papers' that I've come across through Yahoo is found > at: > > http://www.geocities.com/SiliconValley/Lakes/6866/admin.html > > which details several different methods of cracking into a system, > but its by no means complete, and all of them fail even on that old Altos > machine, so, like SATAN, is practically useless. > > Does anyone else know of something similar? Maybe start up a > 'Improving Security' section off of the FreeBSD web pages with links to > *good* papers like the above? > > > Marc G. Fournier > Systems Administrator @ hub.org > primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org >