Protecting Networks with SATAN

SATAN performs "security audits," scanning host computers for security vulnerabilities. This book describes how to install and use SATAN, and how to adapt it to local requirements and increase its knowledge of specific security vulnerabilities.

---

SATAN (Security Administrator's Tool for Analyzing Networks) is a powerful aid for system administrators. It performs "security audits," scanning host computers for security vulnerabilities caused by erroneous configurations or by known software errors in frequently used programs. SATAN is a particularly interesting piece of software because it uses the Web as its front end. Readers should be particularly interested in SATAN because it has earned a lot of publicity -- even notoriety. The original SATAN paper reported details, for the first time outside the hacker community, on how insecure some often-used services on the Internet really are. The SATAN software provided a tool for automatic detection of such vulnerabilities. Because SATAN could be run on other sites, not only your own, many critics predicted that SATAN would wreak destruction on the Internet. The Oakland Tribune, for example, wrote: "It's like randomly mailing automatic rifles to 5000 addresses. I hope some crazy teen doesn't get a hold of one." The dire results predicted have not come to pass, and SATAN has become a useful tool in many system administrators' toolboxes.
This small book describes not only how to install and use SATAN, but also how to extend its modular structure to adapt it to local requirements and increase its knowledge of specific security vulnerabilities. This book also discusses how you can defend your site against potential abuse by SATAN. You can configure the program to detect when a potential intruder employs the program against your host and network, and you can take appropriate measures to repel the attacks.