Board index Linux Applications

satan on linux (a README for the patch)

satan on linux (a README for the patch)

Post by Richard D. Yent » Sat, 12 Aug 1995 04:00:00



To get satan to run under linux get the patch from sunsite.unc.edu (or
a mirror) (/pub/Linux/system/Network/admin/satan-linux.1.1.1.diff.gz)
I did not write the patch (and I have no idea who did) I just noticed
that it was there without a readme.  I also noticed a lot of questions
about how to get satan to work with linux (there is even one in the
satan documentation trouble shooting section), so I put this readme
together.

Since I did not write the patch I can't make any claims about it,
including whether or not it works properly or whether it might break or
damage you computer or the software on it.

I had a lot of trouble getting this patch to work.  For one thing the
version of perl 5 on sunsite (perl5.001l-linux-a.out.tar.gz) does not
handle globs which the reconfig script wants.  So I had to get
perl5.001m (perl5.001m.tar.gz) and compile it myself.  This required
that I get the dld library (dld.3.2.7.tar.gz on sunsite mirrors).  The
perl FAQ suggested that older bash programs might have problems so I
upgrade my bash as well (bash-1.14.4.tar.gz)

You will need to get satan-1.1.1 to use the patch.  To find the source
you can look at the satan home page:
        http://www.fish.com/~zen/satan/satan.html
or look at this list which I got from a link from the home page:

 Europe
  ftp://ftp.cs.ruu.nl/pub/SECURITY/satan-1.1.1.tar.Z
  ftp://ftp.wi.leidenuniv.nl/pub/security/
  ftp://ftp.win.tue.nl/pub/security/
  ftp://ftp.kulnet.kuleuven.ac.be/pub/mirror/ftp.win.tue.nl/security/
  ftp://ftp.denet.dk/pub/security/tools/satan/
  http://ftp.luth.se/pub/unix/security/
  ftp://ftp.luth.se/pub/unix/security/
  ftp://ftp.cert.dfn.de/pub/tools/net/satan/
  ftp://ftp.informatik.uni-kiel.de/pub/sources/security/MIRROR.ftp.win....
  ftp://ftp.kfki.hu/pub/util/security/ftp.win.tue.nl/
  ftp://cnit.nsk.su/pub/unix/security/satan
  ftp://ftp.csi.forth.gr/pub/security/
  ftp://ftp.ox.ac.uk/pub/comp/security/software/satan/
 USA
  ftp://coast.cs.purdue.edu/pub/tools/unix/satan/
  ftp://ciac.llnl.gov/pub/ciac/sectools/unix/satan/
  ftp://ftp.acsu.buffalo.edu/pub/security/
  ftp://ftp.cerf.net/pub/software/unix/security/
  ftp://ftp.mcs.anl.gov/pub/security/
  ftp://ftp.net.ohio-state.edu/pub/security/satan/
  ftp://ftp.tisl.ukans.edu/pub/security/
  ftp://sunsite.unc.edu/pub/packages/security/
  ftp://vixen.cso.uiuc.edu/security/
 Australia
  ftp://ftp.auscert.org.au/pub/mirrors/ftp.win.tue.nl/
  ftp://ftp.dstc.edu.au/pub/security/satan/
  ftp://coombs.anu.edu.au/pub/security/satan/

Then you need to get the a perl that works (since then one on sunsite
(perl5.001l-linux-a.out.tar.gz) didn't work for me I would suggest
getting the latest or at least "1m" which is what I used.)  From the
perl FAQ (posted to comp.lang.perl.announce, comp.lang.perl.misc,
comp.lang.perl, comp.answers, news.answers, and I would think is on
rtfm.mit.edu):

    North America:
        ftp://ftp.netlabs.com/pub/outgoing/perl5.0/         192.94.48.152
        ftp://ftp.cis.ufl.edu/pub/perl/src/5.0/             128.227.100.198
        ftp://prep.ai.mit.edu/pub/gnu/                      18.71.0.38
                not current as of 7/15/95
        ftp://ftp.uu.net/languages/perl/                    192.48.96.9
                not current as of 7/15/95
        ftp://ftp.khoros.unm.edu/pub/perl/                  198.59.155.28
                not current as of 7/15/95
        ftp://ftp.cbi.tamucc.edu/pub/duff/Perl/             165.95.1.3
        ftp://ftp.metronet.com/pub/perl/sources/            192.245.137.1
        ftp://genetics.upenn.edu/perl5/                     128.91.200.37

    Europe:
        ftp://ftp.cs.ruu.nl/pub/PERL/perl5.0/src/           131.211.80.17
        ftp://ftp.funet.fi/pub/languages/perl/ports/perl5/  128.214.248.6
        ftp://ftp.zrz.tu-berlin.de/pub/unix/perl/           130.149.4.40
        ftp://src.doc.ic.ac.uk/packages/perl5/              146.169.17.5

    Australia:
        ftp://sungear.mame.mu.oz.au/pub/perl/src/5.0/       128.250.209.2

    South America (mirror of ftp://prep.ai.mit.edu/pub/gnu):
        ftp://ftp.inf.utfsm.cl/pub/gnu/                     146.83.198.3

The patch seemed to work well once I figured out that it was different
from other patches that I used and seemed to need two copies of the
source code.  The second bit of confusion is that the resulting
hierarchy called satan-1.1.1.linux is the NON-patched version while
satan-1.1.1.clean was the patched version.  Next time I will pay more
attention and look for the .orig files :) At any rate the following
works (if there is a better way to use this type of patch let me
know.)

tar -xzf satan-1.1.1.tar.gz
mv satan-1.1.1 satan-1.1.1.linux
tar -xzf satan-1.1.1.tar.gz
mv satan-1.1.1 satan-1.1.1.clean
zcat satan-linux.1.1.1.diff.gz | patch
cd satan-1.1.1.clean
reconfig
make linux
./satan # to test

The reason why I needed to run satan on linux in the first place is
that I had a summer intern-ship assisting a companies security
administrator.  I am posting this because I would like to encourage
companies to use linux, since think that that is good for the linux
community in general.  As the satan readme says:

        Last but not least, SATAN was written to improve Internet
        security. Don't put [their] work to shame.

Richard Yentis, Jr.

 
 
 
Top

1. obsoleted patch references in kernel patch README file

I've complained about these before, but this time I kept the examples.
Here's those from the README for

118558-24 SunOS 5.9: Kernel Patch

with a little context (and comments in square brackets), but other stuff
that wasn't a problem removed.  What's obsoleted by what was per a
patchdiag.xref no more than a day or two old.  The reason these are all
annoying is because 118558-xx requires 112233-12 anyway, which obsoletes
all the patches below (a number of which are revs that were never even
created)  So all that stuff could be removed from the README, which would
be helpful for those of us who check the entire README to see that we have
all other applicable patches referenced already installed, not just those
on the required line.  Please clean this up, folks!

NOTE 4:  To get the complete Enchilada/Stiletto feature, please also install the
         install the following patches:

         113218-06 (or greater)  PCI support
[113218-08 obsoleted by 112233-07]
         114382-01 (or greater)  bge driver patch
[114382-01 obsoleted by 112233-07]
         114384-01 (or greater)  mc-us3i driver patch
[114384-02 obsoleted by 112233-07]

NOTE 7:  To get the complete Jaguar CPU Productization feature, please also
         install the following patches:

         112841-08 (or greater)  drmach (SF15K) patch
[112841-07 obsoleted by 112233-11]
         113489-05 (or greater)  sbd & sbdp patch
[113489-04 obsoleted by 112233-11]

NOTE 8:  To get the complete fix for bug 4729275 (Allow Crystal 2A
         to run  at 90MHZ/PCI-X on hsPCI+), please also install the
         following patch:

         113445-03 (or greater)  schpc patch
[113445-02 obsoleted by 112233-11]

NOTE 11: To get the complete fix for Sunfire V250 Enchilada Tower feature,
         please also install the following patches:

         113218-09 (or greater)  pcipsy patch
[113218-08 obsoleted by 112233-07]

--

Lasik/PRK theme music:
    "In the Hall of the Mountain King", from "Peer Gynt"

2. Compatibility between RPC's

3. SATAN-1.1.1 w/linux patches - runs ???

4. xcdroast causing network connection to timeout?!?

5. READMEs for J2SE patches incomplete

6. need help with select() problem

7. interpretation of readme of patch

8. Module Compile Problems - Experts only apply here.

9. SATAN(tcp_scan.c) patches for Linux

10. Linux tcp_scan patch for Satan

11. automatic patch README download

12. Patches for linux to run Satan?

13. README- floppy fix for 1.1.51 (from NFS.PATCH)


All times are UTC
Board index