mailing list archives
SARA Security Auditor -- a new tool
From: security () ARC COM (Security)
Date: Tue, 1 Feb 2000 22:41:07 -0500
We would like to announce the availability of a sorta new
network security auditor that is based on the original
SATAN architecture. The product is called the Security
Auditor's Research Assistant (SARA). Of course it is free,
and it has been field used sucessfully in several enterprises where
it has scanned tens of thousands of hosts. In addition, we offer
a commercially oriented product called SARA Pro that we will
soon offer free of charge to U.S. Government agencies (.gov
and .mil). SARA Pro's claim to fame is a commercial grade
report writer that is easily imported to Microsoft Word.
Information on SARA and SARA Pro can be found at
http://www-arc.com/sara. If interested, you can subscribe
(subscribe sara-l) to our listserver at list () mail-arc com
SARA has been around for over a year. It was based on the
SATAN code but was enhanced to (1) more quickly respond
to today's exploits and (2) provide a real-time report writer that
would generate professional looking reports for management and
the technical staff.
We are members of several Incident Response Teams (IRTs). In
this role,we often discover exploits before they are documented in
the various lists, including securityfocus (e.g., rpc.cmsd and sadmind).
When we find these exploits, we (1) report to bugtraq and
(2) develop tests for SARA. We are confident that SARA is always
up to date!
Why are we peddling SARA? To be quite honest, we want it to be used
and extended. We recently introduced SARA extensions for those who
want to build new subprograms for SARA.
What's in it for us? Hopefully less work as more folks contribute to its
development. We are doing this completely "out of hide" (as many of you
are quite familiar).
Check it out. If you like it, tell us. If you don't like it, tell us (but
Thnaks for your attention.
Advanced Research Corporation