____________________________________________________________________
Protecting Networks with Satan
by Martin Freiss. Translated by Robert Bach. O'Reilly & Associates 1998
(English edition, first edition 1997) 112 pages. Index, one appendix.
$19.95. ISBN 1-56592-425-8.
  Reviewed by Robert Bruen, Cipher Book Review Editor
____________________________________________________________________

When SATAN was first released about four years ago, it caused quite
a stir in the press and and in the field. The quick discovery of
a security hole with its subsequent fix also got a lot of attention.
The nonsense had mercifully subsided, but SATAN still remains a helpful
tool. Although it is naturally limited in what it can do, it does some
necessary things, making it a standard tool for systems and network
managers. I have heard it said that SATAN is obsolete because another
package is on its way, but I have not yet seen such a package, so
this book is still quite relevant.

This book is a translation from the German edition published last year,
bringing non-German readers up to par. Since SATAN has been freely
available for some time this book is a little late in getting out. It
would have been helpful if it had been published soon after the
software was released. It is still helpful, however, especially for the
overworked sysadmin who has yet to really get a handle on security. Freiss
not only explains SATAN, but covers the rationale behind each test it
performs thereby extending the reader's knowledge of security.

Protecting Networks is a practical how-to book, so I followed the
directions to acquire, install and run SATAN according to the book. I
was happy to discover that they were clear and accurate. To be fair, I
had done this when SATAN first became available. This time I used a 4.2
Redhat Linux which is not straight forward, as warned by author.
As expected it would not compile, but it was easy to find the five
pieces of code with the same, unnecessary, automatically generated line,
delete the lines, then compile. It ran fine. Trying it next on 5.1, I
encountered a different problem, but it was easily identified and fixed.
The generous folks at CEBAF have made a set of include files for Linux
that handle the vast majority of the Linux idiosyncrasies.

The architecture of SATAN is well presented along the things SATAN does
and does not do. There is a chapter on how to extend SATAN to the things
you wish it had done in the first place. For those who worry about being
attacked by SATAN, there is chapter describing how to recognize an attack,
as well how to get the software (Gabriel and Courtney) to help you.

I found this book a quick, easy, useful read. It works well as a general
introduction to system security through its explanations of why, for
example, NIS and NFS have security problems. I cannot comment on the
German edition, but the product of the translation by Robert Bach is
a good one. It's recommended for getting the most of out SATAN and for
folks who need more reading in systems security, especially for the price.
______________________________________________________________________