HP3000-L Archives

April 1995, Week 2

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: SATAN and MPE
From:
Wirt Atmar <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Sun, 9 Apr 1995 22:15:18 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (74 lines) 
The following story concerning SATAN will appear in this week's TIME
magazine. Because I did not know what SATAN was until this story, I thought
that others might find it worth the bandwidth also.
 
Wirt Atmar
 
==================================
 
INTERNET
 
THE DEVIL IN THE NETWORK
 
A program called SATAN, which threatened to poke holes in cyberspace, may
plug them instead
 
BY JOSHUA QUITTNER
 
Most people get presents on their birthday. Not Dan Farmer, a computer
programmer with a gold ring in his eyebrow, a curly shock of orange hair and
a tendency to tug on the beard of authority. Last Wednesday, on the day that
Farmer turned 33, he gave a gift to the computer world: a fiendish little
software device called SATAN.
 
It was, judging by its advance press, the most dreaded computer program since
the Michelangelo virus. SATAN, which is an acronym for Security Administrator
Tool for Analyzing Networks, was designed by Farmer and a fellow programmer
to help network administrators scan their computers for the technological
equivalent of an unlocked back door -- a security hole that could be
exploited by unauthorized users looking for a way to break in.
 
The fear was that the program, which Farmer intended to make widely available
free of charge, would have the opposite effect. Computer experts were worried
that it would get into the hands of computer intruders, who would use it as a
burglar's tool kit to break the Internet wide open. The program is so easy to
use, so point-and-click simple, that it can turn second-rate hackers into
efficient computer crackers.
 
SATAN certainly landed with a crash. Within minutes of its release, traffic
started to pile up on the dozen or so computers around the world that Farmer
had authorized as satan release sites. ''Everyone was grabbing SATAN at
once,'' says John Fisher, a computer-security specialist at Lawrence
Livermore National Laboratory, one of several sites that became overloaded in
the crush. Two days after SATAN was unleashed, tens of thousands of copies
had been downloaded.
 
But the wave of satanic attacks never materialized -- or at least they hadn't
at week's end. It may be that most computer hackers don't own the
industrial-strength UNIX machines needed to run the program. But it seems
more likely that SATAN is actually doing the job it was designed to do. In
fact, many security experts are now praising the program -- and the publicity
that surrounded it -- as just the thing to shore up the Internet.
 
''The world is a better place with SATAN out there,'' says Bill Cheswick, a
computer scientist at AT&T's Bell Laboratories and co-author of Firewalls and
Internet Security. The Internet has been growing so rapidly, says Cheswick,
that it is filled with novice administrators running powerful computer
networks who don't have any idea how vulnerable their systems are. ''The bad
guys already have these tools,'' says Cheswick. ''It's a lot harder for the
good guys to get them.''
 
That's little solace for Farmer, who until last month was employed as a
security specialist at Silicon Graphics in Mountain View, California. In
March, when his bosses learned that he intended to unleash SATAN into the
world, they gave him an ultimatum: publish if you want to perish. He
published. Now he's on the market, looking for a new job.
 
 
Copyright 1995 Time Inc. All rights reserved.
 
 
Transmitted:  95-04-09 11:21:55 EDT
 
==================================

ATOM RSS1 RSS2