Another Frank writes:
>Up I go onto the soapbox --- feel free to hit the "Delete" button.
>The *best* Anti Satan tool is implementing the correct security discipline
>on Internet hosts in the first place. Satan does nothing that can't be
>stopped with known, publicized techniques. The next 5 days are better
>spent fixing known, long festering problems than setting up a tool that
>proports to "detect" Satan "attacks."
>Down I go off the soapbox and back into the salt mine.
I must agree. If you look at the SATAN manual, it really just checks
for things that are already known. And one should review their security
policy and audit their own site every so often anyway. The things that
it looks for in a hevay probe can be fixed by either upgrading your
software or reconsider what you running on your machine.
IMHO I think that SATAN is just the beginning of better tools and I
expect to see more (including some additions to SATAN)... No Security
Tool will replace a well defined and implemented security policy. And
periodically auditing what you have defined and implemented.
Otherwise things go to entropy.