4754718 2000-02-02 08:10 /65 rader/ Postmaster Mottagare: Bugtraq (import) <9591> Ärende: SARA Security Auditor -- a new tool ------------------------------------------------------------ Approved-By: aleph1@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com Delivered-To: BUGTRAQ@SECURITYFOCUS.COM MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Message-ID: <022701bf6d2f$5783a900$6600a8c0@WWWARC.COM> Date: Tue, 1 Feb 2000 22:41:07 -0500 Reply-To: Security <security@ARC.COM> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: Security <security@ARC.COM> X-To: BUGTRAQ@SECURITYFOCUS.COM To: BUGTRAQ@SECURITYFOCUS.COM INTRODUCTION We would like to announce the availability of a sorta new network security auditor that is based on the original SATAN architecture. The product is called the Security Auditor's Research Assistant (SARA). Of course it is free, and it has been field used sucessfully in several enterprises where it has scanned tens of thousands of hosts. In addition, we offer a commercially oriented product called SARA Pro that we will soon offer free of charge to U.S. Government agencies (.gov and .mil). SARA Pro's claim to fame is a commercial grade report writer that is easily imported to Microsoft Word. Information on SARA and SARA Pro can be found at http://www-arc.com/sara. If interested, you can subscribe (subscribe sara-l) to our listserver at list@mail-arc.com. DETAILS SARA has been around for over a year. It was based on the SATAN code but was enhanced to (1) more quickly respond to today's exploits and (2) provide a real-time report writer that would generate professional looking reports for management and the technical staff. We are members of several Incident Response Teams (IRTs). In this role,we often discover exploits before they are documented in the various lists, including securityfocus (e.g., rpc.cmsd and sadmind). When we find these exploits, we (1) report to bugtraq and (2) develop tests for SARA. We are confident that SARA is always up to date! Why are we peddling SARA? To be quite honest, we want it to be used and extended. We recently introduced SARA extensions for those who want to build new subprograms for SARA. What's in it for us? Hopefully less work as more folks contribute to its development. We are doing this completely "out of hide" (as many of you are quite familiar). Check it out. If you like it, tell us. If you don't like it, tell us (but please be kind). Thnaks for your attention. ______________________________________________ Advanced Research Corporation http://www-arc.com (4754718) ------------------------------------------(Ombruten)