In response to "Ferrell-1, Ema" <Eman . Ferrell-1 @ kmail . ksc . nasa . gov>'s mail of 1/29/97:

Ema,

The SATAN tool (or SANTA as I prefer to call it - after running the
REPENT program) is vastly over-hyped & over-rated. BTW, I hope you
are running at least version 1.1.1 (due to the security problem in
1.1 - if memory serves me). In any event, the SANTA tool is mostly
good for telling you if your systems have security patches installed
at least up until 1995 (and no later) and that you have made at least
some feeble attempts to secure the systems.

Running the SANTA program will **NOT** tell you if your systems are
free from the latest security vulnerabilities or if you have the latest
security patches installed.

Running the SANTA program **WILL** give you a false sense of security
if your systems happen to pass the SANTA test.

IMPORTANT

I would *STRONGLY* recommend that you contact your Information Security
Department *before* installing & running the SANTA tool on any of NASA's
networks. In some circles, running this (or similar) tool without
permission is grounds for immediate termination and/or prosecution.

Assuming that NASA's Information Security Department has approved your
request to run a security tool on their network, then I would recommend
that you run the SAFEsuite tools from ISS (http://www.iss.net). The ISS
tools have significantly better coverage of security vulnerabilities than
the SANTA tool. Safesuite also runs under Linux & Windows NT.

Last, but not least, I would STRONGLY recommend that you do **NOT** run
any security tools across the Internet. Doing so could lead a hacker
to their next victim. Assuming a problem is found, a hacker can take
advantage of the window of vulnerability (from when a problem is
discovered to when the problem is fixed) to break into the target
system and use that system as a staging area for further attacks into
your network.

I hope the above was of some help to you.

Best Regards,

Frank

=======================================================================
| Fortified Networks, Inc. - Expert Information Security Consulting |
| Web: http://www.fortified.com |
| Phone: (317) 573-0800 |
| Fax: (317) 573-0817 |
=======================================================================