[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Security Tools : Security Auditor's Research Assistant (SARA) v3.1.7

Program name: Security Auditor's Research Assistant (SARA) v3.1.7
Author: Advanced Research
Date: 15th August 2000
Homepage: http://www-arc.com/sara
Download: http://www-arc.com/sara

SARA is the Security Auditor's Research Assistant. It is a derved work of SATAN (Security Administrator Tool for Analyzing Networks) developed by Dan Farmer and Wietse Venema. SATAN can be found at porcupine.org. It enhances SATAN by providing (1) an improved user interface, (2) up to date vulnerability tests, and (3) a commercially supported product, SARA Pro. The SARA developers cannot emphasize enough that without the SATAN foundation, SARA would not exist. SATAN is the basis of the security engine, program architecture, and documentation.

In its simplest (and default) mode, it gathers as much information about remote hosts and networks as possible by examining such network services as finger, NFS, NIS, ftp and tftp, rexd, and other services. The information gathered includes the presence of various network information services as well as potential security flaws -- usually in the form of incorrectly setup or configured network services, well-known bugs in system or network utilities, or poor or ignorant policy decisions. It can then either report on this data or use a simple rule-based system to investigate any potential security problems. Users can then examine, query, and analyze the output with an HTML browser, such as Mosaic or Netscape. While the program is primarily geared towards analyzing the security implications of the results, a great deal of general network information can be gained when using the tool - network topology, network services running, types of hardware and software being used on the network, etc.

However, the real power of SARA comes into play when used in exploratory mode. Based on the initial data collection and a user configurable ruleset, it will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts. This not only allows the user to analyze her or his own network or hosts, but also to examine the real implications inherent in network trust and services and help them make reasonably educated decisions about the security level of the systems involved.

(C) 1999-2000 All rights reserved.