Linux tcp_scan patch for Satan

Linux tcp_scan patch for Satan

Post by Eric C Hagbe » Mon, 24 Apr 1995 04:00:00

: Here are my patches to Wietse Venema's tcp_scan.c, as shipped
: in satan-1.0 and satan-1.1.1.  Without this patch, tcp_scan
: on Linux 1.2.0 (and presumably all other rev's) will stall on
: the first port that gives ECONNREFUSED.  With this patch,
: it looks like it works fine.  Your Mileage May Vary.

That patch does indeed fix the tcp_scan problem... however, I've found
that in my 1.0 copy of Satan, it correctly identifies bad things like
"rshd trusts the world" on machines where, indeed, rshd doesn trust the

However, in Satan 1.1.1, with the same patches applied, the vulnerability
is not detected! Big time bummer.

I wonder what else has changed...

Eric Hagberg                          Phone: 212-746-4622
User Services Manager                 Fax:   212-746-8161
Office of Academic Computing      Cornell Medical College