Jump to content

Security Administrator Tool for Analyzing Networks

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Qwerfjkl (bot) (talk | contribs) at 08:08, 11 February 2022 (Capitalising short description "vulnerability scanner for networks" per WP:SDFORMAT (via Bandersnatch)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

SATAN
Original author(s)Dan Farmer and Wietse Venema
Written inPerl, Shell scripts
Operating systemUnix
Size767k, uncompressed
Available inEnglish
TypeSecurity software
Websitewww.porcupine.org/satan/

Security Administrator Tool for Analyzing Networks (SATAN) was a free software vulnerability scanner for analyzing networked computers. SATAN captured the attention of a broad technical audience, appearing in PC Magazine[1] and drawing threats from the United States Department of Justice.[1] It featured a web interface, complete with forms to enter targets, tables to display results, and context-sensitive tutorials that appeared when a vulnerability had been found.

Naming

For those offended by the name SATAN, the software contained a special command called repent, which rearranged the letters in the program's acronym from "SATAN" to "SANTA".

Description

The tool was developed by Dan Farmer and Wietse Venema. Neil Gaiman drew the artwork for the SATAN documentation.

SATAN was designed to help systems administrators automate the process of testing their systems for known vulnerabilities that can be exploited via the network. This was particularly useful for networked systems with multiple hosts. Like most security tools, it was useful for good or malicious purposes – it was also useful to would-be intruders looking for systems with security holes.

SATAN was written mostly in Perl and utilized a web browser such as Netscape, Mosaic or Lynx to provide the user interface. This easy to use interface drove the scanning process and presents the results in summary format. As well as reporting the presence of vulnerabilities, SATAN also gathered large amounts of general network information, such as which hosts are connected to subnets, what types of machines they are and which services they offered.[2]

Status

SATAN has fallen from popularity after the height of its popularity in the 1990s. SATAN was released in 1995 and development has ceased. In 2006, SecTools.Org conducted a security popularity poll and developed a list of 100 network security analysis tools in order of popularity based on the responses of 3,243 people. Results suggest[3] that SATAN has been replaced by nmap, Nessus and to a lesser degree SARA (Security Auditor's Research Assistant), and SAINT.

References

  1. ^ a b Tabibian, O. Ryan (April 23, 1996). "Internet Scanner Finds Security Holes". PC Magazine. Ziff Davis, Inc.
  2. ^ Farmer, Dan; Wietse Venema (1993). "Improving the Security of Your Site by Breaking Into it". Sun Microsystems. Eindhoven University of Technology. Retrieved 30 May 2014.
  3. ^ Heiser & Kruse (2002). Computer Forensics: Incident Response Essentials. Lucent Technologies. ISBN 0201707195.