networking, security, tool
(SAINT, originally "Security Administrator Tool for Analyzing Networks", SATAN) A tool written by Dan Farmer and Wietse Venema which remotely probes systems via the network
and stores its findings in a database
. The results can be viewed with an web browser
. SAINT requires Perl
5.000 or better.
In its simplest mode, SAINT gathers as much information about remote hosts and networks as possible by examining such network services as finger
, and other services. The information gathered includes the presence of various network information services as well as potential security flaws - usually in the form of incorrectly setup or configured network services, well-known bugs
in system or network utilities, or poor or ignorant policy decisions. It can then either report on this data or use a simple rule-based system to investigate any potential security problems. Users can then examine, query, and analyze the output with a web browser
. While the program is primarily geared toward analysing the security implications of the results, a great deal of general network information can be gained when using the tool - network topology, network services running, and types of hardware and software being used on the network.
SAINT can also be used in exploratory mode. Based on the initial data collection and a user configurable ruleset, it will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts. This not only allows the user to analyse his own network, but also to examine the real implications inherent in network trust and services and help them make reasonably educated decisions about the security level of the systems involved.
Old SATAN page (http://fish.com/satan/).
Mailing list (http://wwdsi.com/saint/list_server.html).