SATAN (Security Administrator's Tool for Analyzing Networks) is a powerful aid for system administrators. It performs "security audits," scanning host computers for security vulnerabilities caused by erroneous configurations or by known software errors in frequently used programs. SATAN is a particularly interesting piece of software because it uses the Web as its front end.

Readers should be particularly interested in SATAN because it has earned a lot of publicity - even notoriety. The original SATAN paper reported details, for the first time outside the hacker community, on how insecure some often-used services on the Internet really are. The SATAN software provided a tool for automatic detection of such vulnerabilities. Because SATAN could be run on other sites, not only your own, many critics predicted that SATAN would wreak destruction on the Internet. The Oakland Tribune, for example, wrote: "It's like randomly mailing automatic rifles to 5000 addresses. I hope some crazy teen doesn't get ahold of one." The dire results predicted have not come to pass, and SATAN has become a useful tool in many system administrators' toolboxes.

This small book describes not only how to install and use SATAN, but also how to extend its modular structure to adapt it to local requirements and increase its knowledge of specific security vulnerabilities. It further discusses how you can defend your site against potential abuse by SATAN by configuring your computers to detect when a potential intruder employs the program against your hosts and network, and by taking appropriate measures to repel the attacks.
ABOUT THE AUTHOR
Martin Freiss, after a degree in electrical engineering, decided to do something else and started his working life in Unix development at Nixdorf Computer AG, writing IP stacks. As soon as he got the chance, he went into Internet administration, looking after the company's mail, news, WWW and DNS servers, protecting them from abuse and generally fiddling with everything having to do with networking on the Internet. He is currently at the Competence Center IT Networks department of Siemens Nixdorf Information Systems Inc. in Cologne, Germany, where his time is divided between consulting on network security and Internet service and providing and giving seminars and workshops on these topics. At home, he tries to improve his language skills, though - as a confessed network news addict - he spends most of his time at his workstation.