Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 11 Apr 1997 10:26:27 -0300 (ADT)
From:      The Hermit Hacker <scrappy@hub.org>
To:        "Serge A. Babkin" <babkin@hq.icb.chel.su>
Cc:        khetan@iafrica.com, security@freebsd.org, hackers@freebsd.org
Subject:   Re: SATAN under FreeBSD
Message-ID:  <Pine.NEB.3.96.970411101637.235l-100000@thelab.hub.org>
In-Reply-To: <199704111311.TAA06060@hq.icb.chel.su>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 11 Apr 1997, Serge A. Babkin wrote:

> > > Or just set in the options that the .pl suffix means a HTML file.
> > > It worked great for me. The only problem is that I found
> > > absolutely no usefulness in SATAN. The "holes" it reported
> > > about were so idiotic.
> > >
> > 	Any useful resources that I can look through on how to debug
> > things?  For instance, one of the machines at the office is an old
> > Altos machine running 'Sendmail 5.59/Altos-2.0 ready'...I'd like to be
> > able to test that one for any holes.  
> 
> I awaited a like thing from SATAN too. But almost all it did was analysing
> the NFS exports :-(

	Looking at the work on SATAN, and what it was trying to address, 
why isn't there a list compiled of 'how to break into an insecure system'?
Something that a system adminstrator could sit down and go through, one by 
one, to test their systems?

	One of the 'papers' that I've come across through Yahoo is found
at:

	http://www.geocities.com/SiliconValley/Lakes/6866/admin.html

	which details several different methods of cracking into a system,
but its by no means complete, and all of them fail even on that old Altos
machine, so, like SATAN, is practically useless.

	Does anyone else know of something similar?  Maybe start up a 
'Improving Security' section off of the FreeBSD web pages with links to
*good* papers like the above?


Marc G. Fournier                                
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96.970411101637.235l-100000>