From owner-freebsd-questions Tue Apr 4 16:22:24 1995 Return-Path: questions-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id QAA26089 for questions-outgoing; Tue, 4 Apr 1995 16:22:24 -0700 Received: from palmer.demon.co.uk (root@palmer.demon.co.uk [158.152.50.150]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id QAA26073 for ; Tue, 4 Apr 1995 16:22:19 -0700 Received: from localhost (gary@localhost [127.0.0.1]) by palmer.demon.co.uk (8.6.9/8.6.9) with SMTP id AAA03302 ; Wed, 5 Apr 1995 00:17:47 +0100 X-Authentication-Warning: palmer.demon.co.uk: Host localhost didn't use HELO protocol To: smmcgee@ncbc.edu cc: questions@FreeBSD.org Subject: Re: SATAN ported?? In-reply-to: Your message of "Tue, 04 Apr 1995 18:03:06 -0000." <199504041700.RAA28295@localhost> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <3298.797037465.1@palmer.demon.co.uk> Date: Wed, 05 Apr 1995 00:17:45 +0100 Message-ID: <3299.797037465@palmer.demon.co.uk> From: Gary Palmer Sender: questions-owner@FreeBSD.org Precedence: bulk In message <199504041700.RAA28295@localhost>, Sean McGee writes: >Not in my optimistic point of view! It was designed to "find" your security >holes so that you can "plug" them. After all, the acronym stands for Security >Administrator Tool for Analyzing Networks, not Some Assinine Tool for >Attacking Networks. If some wannabe hacker happens to rewrite the code > - then yes, it can be used to attack, but then what about guns when you >apply them to the same reasoning ?? You don't need to re-write the code to use SATAN for attack - it's how it works. Most traditional publically available scanners (cops, etc) have been internal scanners, i.e. run on the machine you want to check. SATAN is a tool which I can run on my box here in the UK (well, if I had more memory perhaps) and use it to scan ncbc.edu's security. It does this by going through similar steps that a hacker would, except one hell of a lot faster. It may have been designed to find holes in a system, but sensible system setups (e.g. having a very rich text root password, careful control of NFS exports, etc) will do far more for system security than SATAN ever could. Gary