Security Administrator Tool for Analyzing Networks

Security Administrator Tool for Analyzing Networks (SATAN) was a free software vulnerability scanner for analyzing networked computers. SATAN captured the attention of a broad technical audience, appearing in PC Magazine[1] and drawing threats from the United States Department of Justice.[1] It featured a web interface, complete with forms to enter targets, tables to display results, and context-sensitive tutorials that appeared when a vulnerability had been found.

SATAN
Original author(s)Dan Farmer and Wietse Venema
Written inPerl, Shell scripts
Operating systemUnix
Size767k, uncompressed
Available inEnglish
TypeSecurity software
Websitewww.porcupine.org/satan/

Naming

For those offended by the name SATAN, the software contained a special command called repent, which rearranged the letters in the program's acronym from "SATAN" to "SANTA".

Description

The tool was developed by Dan Farmer and Wietse Venema. Neil Gaiman drew the artwork for the SATAN documentation.

SATAN was designed to help systems administrators automate the process of testing their systems for known vulnerabilities that can be exploited via the network. This was particularly useful for networked systems with multiple hosts. Like most security tools, it was useful for good or malicious purposes – it was also useful to would-be intruders looking for systems with security holes.

SATAN was written mostly in Perl and utilized a web browser such as Netscape, Mosaic or Lynx to provide the user interface. This easy to use interface drove the scanning process and presents the results in summary format. As well as reporting the presence of vulnerabilities, SATAN also gathered large amounts of general network information, such as which hosts are connected to subnets, what types of machines they are and which services they offered.[2]

Status

SATAN has fallen from popularity after the height of its popularity in the 1990s. SATAN was released in 1995 and development has ceased. In 2006, SecTools.Org conducted a security popularity poll and developed a list of 100 network security analysis tools in order of popularity based on the responses of 3,243 people. Results suggest[3] that SATAN has been replaced by nmap, Nessus and to a lesser degree SARA (Security Auditor's Research Assistant), and SAINT.

gollark: Is it possible to have a "channel" like IRC has?
gollark: Obviously I am to selfhost all things for dubious reasons.
gollark: Irregardlessfully, there are no good options aë so I MAY deploy Prosody or something.
gollark: I don't think you can conveniently know all the time whether your network is "reliable" or not, and if it is made a setting somewhere it would be apiaristically easy to forget to enable it.
gollark: If a connection breaks at an inconvenient time then you don't know if your thing actually went through or not. Especially with the negative acknowledgement design.

References

  1. Tabibian, O. Ryan (April 23, 1996). "Internet Scanner Finds Security Holes". PC Magazine. Ziff Davis, Inc.
  2. Farmer, Dan; Wietse Venema (1993). "Improving the Security of Your Site by Breaking Into it". Sun Microsystems. Eindhoven University of Technology. Retrieved 30 May 2014.
  3. Heiser & Kruse (2002). Computer Forensics: Incident Response Essentials. Lucent Technologies. ISBN 0201707195.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.