SAINT (Security Administrator's Integrated Network Tool)
Mac OS X vulnerability Scanner for Networks
SAINT, or Security Administrator's Integrated Network Tool, is a
vulnerability scanner that allows network administrators to scan their
local area networks for security flaws. SAINT can then prepare reports
detailing the extent and seriousness of these weaknesses, as well as
providing links to fixes and recommended security procedures. While SAINT
was originally developed for UNIX based systems, it has recently been
ported to Mac OS X.
Installation of SAINT may be a rough task to those not familiar with UNIX.
Users are expected to know how to use the terminal to run the installer
with sudo, and to use sudo to run SAINT once it has been installed (the
appropriate commands are listed at the end of this review). Once SAINT has
been started, it launches Internet Explorer to provide its user interface.
No option is given to use a different browser.
To install SAINT, download it to your desktop, then open up Terminal. The
following commands will start the installer:
To start SAINT, type the following:
To remove SAINT:
Sudo rm -rf ~/Desktop/saint-5.01
Once SAINT is running, however, things become much easier. The tabbed
based interface is fairly familiar and documentation is easily accessible.
To use SAINT, the user only needs to know the IP ranges of the machines to
scan. SAINT provides 6 different levels of scanning intensity, allowing
for long/involved scans or quick checks. Scan results can be viewed in
real time, and all scan data is conveniently saved into an internal
database that is stored even between sessions. Scans can even be scheduled
to be preformed at a specific date or on regular intervals, and through
use of OS X's cron daemon the scans will run in the background with no
user interaction required.
SAINT's scan covers a staggering amount of vulnerabilities, ranging from
warnings about open shares or writable directories, to more critical
problems such as services with known buffer overflows. SAINT's
comprehensive scan uses the Common vulnerabilities and Exposures
(http://cve.mitre.org/) database to provide detailed information and
updates on each vulnerability. SAINT releases updates regularly to keep
SAINT's scanning abilities up to speed.
SAINT's reports are also very professional. SAINT supports 6 different
types of reports with varying detail, allowing for everything from a quick
overview to detailed technical summaries. For more information on
vulnerabilities SAINT provides automated links to CVE bulletins. CVE, or
Common Vulnerabilities and Exposures, provides a standardized list of
vulnerabilities that many different vendors reference.
New Features in Version 5.0.3:
Multiple Microsoft RPCSS DCOM vulnerabilities
RealNetworks Helix Universal Server/RealSystem Server/RealServer root
exploit via buffer overflow
Multiple cross-site scripting vulnerabilities and a potential privilege
elevation vulnerability in BEA WebLogic Server
WS_FTP APPEND/STAT command buffer overflows
HELO/EHLO command buffer overflow and a format string vulnerability in
Exim mail transfer agent
Hola CMS password file access (htmltags.php)
FoxWeb application development tool buffer overflow vulnerability
PY-Membres administrator access (admin.php)
GtkFTPd LIST command buffer overflow
Because of it's UNIX roots, SAINT may be difficult to get running for
those who are inexperienced with the command line. However, SAINT's
reporting tools and automated scans make it worthwhile.
Developer: SAINT Corporation (http://www.saintcorporation.com)
Free Trial Version
For pricing info visit http://www.saintcorporation.com/order.html
Could not connect!