SAINT Security Administrator’s Integrated Network Tool

SAINT, or Security Administrator’s Integrated Network Tool, is a vulnerability scanner that allows network administrators to scan their local area networks for security flaws. SAINT can then prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fixes and recommended security procedures. While SAINT was originally developed for UNIX based systems, it has recently been ported to Mac OS X.

Installation

Installation of SAINT may be a rough task to those not familiar with UNIX. Users are expected to know how to use the terminal to run the installer with sudo, and to use sudo to run SAINT once it has been installed (the appropriate commands are listed at the end of this review). Once SAINT has been started, it launches Internet Explorer to provide its user interface. No option is given to use a different browser.

Command-line help:

To install SAINT, download it to your desktop, then open up Terminal. The following commands will start the installer:

Cd ~/Desktop
Sudo./saint-install-5.0.1

To start SAINT, type the following:

Cd ~/Desktop/saint-5.01
Sudo ./saint

Tip

To remove SAINT:
Sudo rm -rf ~/Desktop/saint-5.01

Review

Once SAINT is running, however, things become much easier. The tabbed based interface is fairly familiar and documentation is easily accessible. To use SAINT, the user only needs to know the IP ranges of the machines to scan. SAINT provides 6 different levels of scanning intensity, allowing for long/involved scans or quick checks. Scan results can be viewed in real time, and all scan data is conveniently saved into an internal database that is stored even between sessions. Scans can even be scheduled to be preformed at a specific date or on regular intervals, and through use of OS X’s cron daemon the scans will run in the background with no user interaction required.

SAINT’s scan covers a staggering amount of vulnerabilities, ranging from warnings about open shares or writable directories, to more critical problems such as services with known buffer overflows. SAINT’s comprehensive scan uses the Common vulnerabilities and Exposures (http://cve.mitre.org/) database to provide detailed information and updates on each vulnerability. SAINT releases updates regularly to keep SAINT’s scanning abilities up to speed.

SAINT’s reports are also very professional. SAINT supports 6 different types of reports with varying detail, allowing for everything from a quick overview to detailed technical summaries. For more information on vulnerabilities SAINT provides automated links to CVE bulletins. CVE, or Common Vulnerabilities and Exposures, provides a standardized list of vulnerabilities that many different vendors reference.

Overall

Because of it’s UNIX roots, SAINT may be difficult to get running for those who are inexperienced with the command line. However, SAINT’s reporting tools and automated scans make it worthwhile.