A powerful, potentially harmful program will be unleashed on the Internet today. Could it be?SATAN? The Security Administrator Tool for Analyzing Networks is a computer program that searches out vulnerabilities in UNIX-based computer systems, according to David Millar, University security officer for data administration. In a letter distributed campus-wide, Millar explained that once weaknesses are found, they can be fixed by those who run the system -- or exploited by computer hackers who have the program. "SATAN will be freely distributed," Millar wrote. "And anyone with a sufficiently powerful UNIX workstation will be able to scan PennNet for security vulnerability." Millar said that administrators will begin scanning PennNet first thing today so that they can be ahead of computer hackers. SATAN is scheduled for release at 2 p.m. today, according to a letter from the Computer Emergency Response Team, a federally-funded Internet security agency. The letter, provided by Associate Vice Provost of Information Systems and Computing Services Dan Updegrove, explained that weaknesses found using SATAN can be fixed using instructions that come with the software. If the software falls into the hands of computer hackers who break into the networks, "sensitive data (?including passwords) could be disclosed, altered or deleted, and computer systems could be rendered inoperable," CERT wrote. "For years, computer administrators have been playing cat and mouse games with computer hackers," Updegrove said. "We've been looking for an economical method [like SATAN] to protect systems." This new software will help computer administrators keep up with hackers because "hackers may have nothing else to do besides break into computers, while computer administrators have other lives," Updegrove explained. "[SATAN] puts many security programs of the past into one easy to use package," he added. Although SATAN may be easy to acquire through the Internet, the average computer user will not be able to run this program. "It takes a pretty heavy UNIX-based system to run the program," Updegrove said. "It will not run on a PC or a Mac." Millar's letter said that any attempts to run SATAN in order to probe systems without permission may be considered break-in attempts and can cause damage to computers or systems. Information provided by Updegrove explained that SATAN might explore systems that the user did not even want to search. "Sites running SATAN for a legitimate purpose may accidentally scan your system via SATAN's exploratory mode," according to the letter from CERT.
The Daily Pennsylvanian is an independent, student-run newspaper. Please consider making a donation to support the coverage that shapes the University. Your generosity ensures a future of strong journalism at Penn.
DonatePlease note All comments are eligible for publication in The Daily Pennsylvanian.
