Philosophical Musings
Why build it?
Why did we create SATAN? Quite simply, we wanted to know more about
network security, particularly with respect to large networks. There
is an enormous amount of information out there, and it is definitely not
clear by examining information and hosts by hand what the real
overall security picture is. SATAN was an attempt to break new ground,
to promote understanding, and to have fun writing such a program.
Money, endorsements, recording contracts, etc.
For the record, no one gave us any money to build the tool; the development
was done on our own time and equipment. No one (including our current
employers) endorses or directly supports it.
Every host scanned with SATAN is scanned because doing so gives a clearer
picture of what the network security of your site is, by examining the
webs of trust and the possible avenues of approach or attack. Since there is
no way that SATAN could, a priori, know where it is going to scan, we
decided that instead of placing artificial constraints on the program, we
would allow the system administrator to place their own constraints on
where SATAN would run, via the configuration file
(targeting exceptions).
History has shown that attempts to limit distribution of most security
information and tools have only made things worse. The "undesirable"
elements of the computer world will obtain them no matter what you do,
and people that have legitimate needs for the information are denied it
because of the inherently arbitrary and unfair limitations that are set up
when restricting access.
We're almost certainly going to continue development on SATAN. At the
top of our wish list is a way to graphically display the network maps,
especially with respect to the webs of trust. This is a hard problem!
Our main goal right now is to get a solid product out, and see how it's
received by the world; the response will drive our development. In
addition, we haven't had much of a chance to play with the program
ourselves, so once the dust clears, we'll probably have a better view of
where we'll take the program.