[1425] in bugtraq
Re: SATAN ATTACKS EVERYWHERE
daemon@ATHENA.MIT.EDU (Jonathan Stott)
Fri Apr 7 16:06:38 1995
Date: Fri, 7 Apr 1995 14:14:26 -0400
From: Jonathan Stott <jstott@poly.phys.cwru.edu>
To: cklaus@iss.net
Cc: bugtraq@fc.net
> 1. It is HUGE. It eats up tons of disk and ram space. [...]
You don't need to load the whole thing to run the scan (see below). It's
disk space requirements are proportional to the number of hosts you plan on
scanning.
> 2. It requires installing other packages like perl. Most hackers aren't
> able to run anything unless it's a no brainer script. "Gee the bad thing
> is we've been hacked and someone used SATAN, the good thing is that we
> got perl5 and a web browser installed."
Fortunately :-)
> 3. Since you have to use a web browser, you have to either run SATAN from
> the console (umm, really stupid hacker scanning from his own machine) or
> redirect the X Display to his own machine (still really stupid). [...]
You don't need a web browser to run the scan, the command line works
just fine. For example
satan -a 2 somehost
will run a 'heavy' scan against somehost without going through the
browser. The browser becomes really handy when you want to view the
results (but even so, it's not essential - you could make do with just grep
if you were really stuck).
-JS
