
CIAC INFORMATION BULLETIN

F-20: Security Administrator Tool for Analyzing Networks (SATAN)

April 5, 1995 1400 PST

PROBLEM:       Public release of SATAN.
PLATFORM:      Any IP machine connected to the network.
DAMAGE:        Each IP address for a given subdomain is systematically
               scanned for security weaknesses.
SOLUTION:      Install patches and properly configure systems and firewalls.

VULNERABILITY  SATAN has been widely publicized in the national media and
ASSESSMENT:    on various Internet forums. The software is publicly
               available as of 5 April 95, 14:00 GMT.

Information about Security Administrator Tool for Analyzing Networks

Security Administrator Tool for Analyzing Networks, or SATAN, is a tool for investigating the vulnerabilities of remote systems. Systematically moving through a given Internet subdomain, it probes for weakness in each responding system. The vulnerabilities uncovered are then reported to the user.

CIAC recently released CIAC NOTES 07a (April 5, 1995), which is devoted to SATAN. The article was based on beta releases of SATAN and remains applicable to the current version 1.0 release: there were no major operational changes between the latest beta and the 1.0 public release. By configuring a system correctly, installing all the latest patches, and monitoring system usage, most of SATAN's techniques can be countered, or at a minimum detected. Unfortunately, complete protection from SATAN is difficult. Most of the vulnerabilities it looks for are easily addressed, but some do not yet have satisfactory solutions.

CIAC has recently written a program to detect probes by SATAN and similar tools. The program, called Courtney, monitors connections to the ports probed by SATAN. When a SATAN probe is detected, the offending host is reported. Note that Courtney detects and reports scanning; it does not block it or remove the underlying vulnerabilities.
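The detection idea behind Courtney, as an added example that is not part of this bulletin and is not Courtney's own code: a source host that touches several distinct service ports on one target within a short window is behaving like a scanner, not like a normal client. The log format, the sample records, the list of watched ports, the 60-second window and the threshold of four ports are all assumptions made for this example.

```python
"""Added example (not from the CIAC bulletin and not Courtney itself):
a minimal SATAN-style probe detector. It reads constructed connection
records in order, as a live monitor would, and raises one alert per
(source, target) pair the first time that pair has hit `threshold`
distinct watched ports inside a sliding time window."""

from collections import defaultdict, deque
from datetime import datetime, timedelta

# Ports a network scanner such as SATAN is assumed to probe. Assumption for
# this example only; Courtney's real port list and thresholds may differ.
WATCHED_PORTS = {21, 23, 25, 69, 79, 111, 2049, 6000}

WINDOW = timedelta(seconds=60)   # sliding window per (src, dst) pair
THRESHOLD = 4                    # distinct watched ports in window => alert


def parse_line(line):
    """Parse one constructed record of the form
    'YYYY-MM-DD HH:MM:SS src=A dst=B dport=N' into (ts, src, dst, dport).
    Returns None for a malformed record so one bad line cannot stop the
    monitor (a scanner must not be able to crash the detector)."""
    try:
        date, time, *kv = line.split()
        fields = dict(item.split("=", 1) for item in kv)
        ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
        return ts, fields["src"], fields["dst"], int(fields["dport"])
    except (ValueError, KeyError):
        return None


def detect_probes(lines, window=WINDOW, threshold=THRESHOLD):
    """Return a list of (src, dst, first_ts, sorted_ports) alerts.
    Only watched ports count; hits older than `window` relative to the
    current record are dropped, so a slow scan that spreads its probes
    out beyond the window is deliberately not flagged by this rule."""
    recent = defaultdict(deque)      # (src, dst) -> deque of (ts, port)
    alerted = set()                  # pairs already reported
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, src, dst, port = rec
        if port not in WATCHED_PORTS:
            continue
        key = (src, dst)
        q = recent[key]
        q.append((ts, port))
        while q and ts - q[0][0] > window:
            q.popleft()              # expire hits outside the window
        ports = {p for _, p in q}
        if len(ports) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append((src, dst, q[0][0], sorted(ports)))
    return alerts


# Constructed sample log: one fast scanner (192.0.2.10), one ordinary mail
# client (192.0.2.20), one slow prober (192.0.2.30) and a garbage line.
SAMPLE_LOG = [
    "1995-04-05 14:00:01 src=192.0.2.10 dst=198.51.100.5 dport=21",
    "1995-04-05 14:00:02 src=192.0.2.20 dst=198.51.100.5 dport=25",
    "1995-04-05 14:00:03 src=192.0.2.10 dst=198.51.100.5 dport=23",
    "1995-04-05 14:00:04 src=192.0.2.10 dst=198.51.100.5 dport=80",
    "this line is garbage",
    "1995-04-05 14:00:05 src=192.0.2.10 dst=198.51.100.5 dport=79",
    "1995-04-05 14:00:06 src=192.0.2.30 dst=198.51.100.5 dport=21",
    "1995-04-05 14:00:07 src=192.0.2.10 dst=198.51.100.5 dport=111",
    "1995-04-05 14:00:08 src=192.0.2.10 dst=198.51.100.5 dport=25",
    "1995-04-05 14:03:00 src=192.0.2.30 dst=198.51.100.5 dport=23",
    "1995-04-05 14:03:10 src=192.0.2.30 dst=198.51.100.5 dport=79",
    "1995-04-05 14:03:20 src=192.0.2.30 dst=198.51.100.5 dport=111",
]

if __name__ == "__main__":
    for src, dst, first, ports in detect_probes(SAMPLE_LOG):
        print(f"ALERT {src} probed {dst} ports {ports} starting {first}")
```

Run as-is, the block reports only 192.0.2.10, whose probes of ports 21, 23, 79 and 111 fall within ten seconds; the port-80 hit is ignored because it is not a watched port. The slow prober 192.0.2.30 is not reported because its first hit has aged out of the window by the time it reaches three ports, which is exactly the trade-off a window-based detector makes: lowering the threshold or widening the window catches slower scans at the cost of more false alarms from ordinary multi-service clients.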

CIAC has also made available the current release of SATAN.

SATAN is made up of HyperText Markup Language (HTML) documents, C code, and Perl scripts that generate HTML dynamically. It requires an HTML viewer (Mosaic, Netscape, or Lynx), a C compiler, and Perl version 5. The user simply interacts with a WWW client, entering the necessary data into forms. The SATAN control panel provides four hypertext options: Target Selection, Reporting & Data Analysis, Documentation, and Configuration & Administration.

Refer to CIAC Notes 7 for an in-depth look at SATAN.



DOE-CIRC can be contacted at:
    Voice:          +1 866-941-2472 (7 x 24)
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov/