Security Administrator Tool for Analyzing Networks
|Original author(s)||Dan Farmer and Wietse Venema|
|Written in||Perl, Shell scripts|
Security Administrator Tool for Analyzing Networks (SATAN) was a free software vulnerability scanner for analyzing networked computers. SATAN captured the attention of a broad technical audience, appearing in PC Magazine and drawing threats from the United States Department of Justice. It featured a web interface, complete with forms to enter targets, tables to display results, and context-sensitive tutorials that appeared when a vulnerability had been found.
For those offended by the name SATAN, the software contained a special command called repent, which rearranged the letters in the program's acronym from "SATAN" to "SANTA".
SATAN was designed to help systems administrators automate the process of testing their systems for known vulnerabilities that can be exploited via the network. This was particularly useful for networked systems with multiple hosts. Like most security tools, it was useful for good or malicious purposes – it was also useful to would-be intruders looking for systems with security holes.
SATAN was written mostly in Perl and utilized a web browser such as Netscape, Mosaic or Lynx to provide the user interface. This easy to use interface drove the scanning process and presents the results in summary format. As well as reporting the presence of vulnerabilities, SATAN also gathered large amounts of general network information, such as which hosts are connected to subnets, what types of machines they are and which services they offered.
SATAN has fallen from popularity after the height of its popularity in the 1990s. SATAN was released in 1995 and development has ceased. In 2006, SecTools.Org conducted a security popularity poll and developed a list of 100 network security analysis tools in order of popularity based on the responses of 3,243 people. Results suggest that SATAN has been replaced by nmap, Nessus and to a lesser degree SARA (Security Auditor's Research Assistant), and SAINT.
- Tabibian, O. Ryan (April 23, 1996). "Internet Scanner Finds Security Holes". PC Magazine. Ziff Davis, Inc.
- Farmer, Dan; Wietse Venema (1993). "Improving the Security of Your Site by Breaking Into it". Sun Microsystems. Eindhoven University of Technology. Retrieved 30 May 2014.
- Heiser & Kruse (2002). Computer Forensics: Incident Response Essentials. Lucent Technologies. ISBN 0201707195.