As a good citizen I should have past this on sooner. frank U.S. DOE's Computer Incident Advisory Capability ___ __ __ _ ___ __ __ __ __ __ / | /_\ / |\ | / \ | |_ /_ \___ __|__ / \ \___ | \| \__/ | |__ __/ Number 95-07 March 29, 1995 In order to provide timely, useful information on the upcoming release of the SATAN tool, CIAC is releasing a special issue of CIAC Notes. Please send your comments and feedback to ciac@llnl.gov. $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ $ Reference to any specific commercial product does not necessarily $ $ constitute or imply its endorsement, recommendation or favoring by $ $ CIAC, the University of California, or the United States Government.$ $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ A Look at SATAN John Fisher CIAC Team ciac@llnl.gov Introduction Security Administrator Tool for Analyzing Networks, or SATAN, is a tool for investigating the vulnerabilities of remote systems. Systematically moving through a given Internet subdomain, it probes for weakness in each responding system. The vulnerabilities uncovered are then reported to the user. Due to be released April 5, SATAN is the join