SATAN was written because we realized that computer systems are becoming more and more dependent on the network, and at the same becoming more and more vulnerable to attack via that same network.
The rationale for SATAN is given in a paper that we posted in december 1993 ( Improving the Security of Your Site by Breaking Into it).
SATAN is a tool to help systems administrators. It recognizes several common networking-related security problems, and reports the problems without actually exploiting them.
For each type or problem found, SATAN offers a tutorial that explains the problem and what its impact could be. The tutorial also explains what can be done about the problem: correct an error in a configuration file, install a bugfix from the vendor, use other means to restrict access, or simply disable service.
SATAN collects information that is available to everyone on with access to the network. With a properly-configured firewall in place, that should be near-zero information for outsiders.
We have done some limited research with SATAN. Our finding is that on networks with more than a few dozen systems, SATAN will inevitably find problems. Here's the current problem list:
NFS file systems exported to arbitrary hosts NFS file systems exported to unprivileged programs NFS file systems exported via the portmapper NIS password file access from arbitrary hosts Old (i.e. before 8.6.10) sendmail versions REXD access from arbitrary hosts X server access control disabled arbitrary files accessible via TFTP remote shell access from arbitrary hosts writable anonymous FTP home directory These are well-known problems. They have been subject of CERT, CIAC, or other advisories, or are described extensively in practical security handbooks. The problems have been exploited by the intruder community for a long time.
We realize that SATAN is a two-edged sword - like many tools, it can be used for good and for evil purposes. We also realize that intruders (including wannabees) have much more capable (read intrusive) tools than offered with SATAN. We have those tools, too, but giving them away to the world at large is not the goal of the SATAN project. Note #178 by
DrMaboule 04/02/2004 @ 23:03
Ce portail me laisse bouche bée ! Il est tout simplement magifique et si facile d'utilisation ! Vivement que je fasse mon site avec ! Note #177 by
vidal 04/02/2004 @ 11:45
http://www.mae.u-paris10.fr
Je n'arrive pas sous OSX à faire les italiques et les gras Note #176 by
WebbY 03/02/2004 @ 08:24
http://www.freeguppy.nl
100.000, a record!
Started in september 2003 after the name change, GuppY is on the right track.
GuppY has many and positiv users, almost Global in languages.!!
I wish the Team and the users lots of fun with this cool tool...
il n'y a pas à dire mais guppy, est vraiment un système non complexe et facile à mettre en oeuvre...il faut vraiment l'adopter d'aiileurs, j'ai mis en place l'add-on de nicolas, un des membres de la team...un module de e-cards et ça marche au poil...
