____________________________________________________________________ Protecting Networks with Satan by Martin Freiss. Translated by Robert Bach. O'Reilly & Associates 1998 (English edition, first edition 1997) 112 pages. Index, one appendix. $19.95. ISBN 1-56592-425-8. Reviewed by Robert Bruen, Cipher Book Review Editor ____________________________________________________________________
When SATAN was first released about four years ago, it caused quite a stir in the press and and in the field. The quick discovery of a security hole with its subsequent fix also got a lot of attention. The nonsense had mercifully subsided, but SATAN still remains a helpful tool. Although it is naturally limited in what it can do, it does some necessary things, making it a standard tool for systems and network managers. I have heard it said that SATAN is obsolete because another package is on its way, but I have not yet seen such a package, so this book is still quite relevant.
This book is a translation from the German edition published last year, bringing non-German readers up to par. Since SATAN has been freely available for some time this book is a little late in getting out. It would have been helpful if it had been published soon after the software was released. It is still helpful, however, especially for the overworked sysadmin who has yet to really get a handle on security. Freiss not only explains SATAN, but covers the rationale behind each test it performs thereby extending the reader's knowledge of security.
Protecting Networks is a practical how-to book, so I followed the directions to acquire, install and run SATAN according to the book. I was happy to discover that they were clear and accurate. To be fair, I had done this when SATAN first became available. This time I used a 4.2 Redhat Linux which is not straight forward, as warned by author. As expected it would not compile, but it was easy to find the five pieces of code with the same, unnecessary, automatically generated line, delete the lines, then compile. It ran fine. Trying it next on 5.1, I encountered a different problem, but it was easily identified and fixed. The generous folks at CEBAF have made a set of include files for Linux that handle the vast majority of the Linux idiosyncrasies.
The architecture of SATAN is well presented along the things SATAN does and does not do. There is a chapter on how to extend SATAN to the things you wish it had done in the first place. For those who worry about being attacked by SATAN, there is chapter describing how to recognize an attack, as well how to get the software (Gabriel and Courtney) to help you.
I found this book a quick, easy, useful read. It works well as a general introduction to system security through its explanations of why, for example, NIS and NFS have security problems. I cannot comment on the German edition, but the product of the translation by Robert Bach is a good one. It's recommended for getting the most of out SATAN and for folks who need more reading in systems security, especially for the price. ______________________________________________________________________