You need to check out Reese Web, Inc., their product and security audit service
is far more comprehensive than SATAN and it is commercially supported.
http://www.TampaWeb.com/ReeseWeb/
>SATAN (Security Analysis Tool for Auditing Networks) is a software tool for
>assessing Internet host and network security. SATAN tests hosts systems to
>determine which Internet services are sent and whether those services are
>configured or contain vulnerabilities that an intruder could exploit. SATAN
>provides limited information on how to correct vulnerabilities as well as a
>modest tutorial on host system security. SATAN can test individual hosts or
>entire networks of hosts systems. SATAN is an analysis and reporting tool
>only; it does not break into systems or exploit new and/or rare
>vulnerabilities.
>
>All the vulnerabilities it finds are well known and have either bulletins
>and/or patches from an incident response team or a vendor. However, as with
>most tools of this type, not just system administrators but intruders will
>undoubtedly use SATAN to find vulnerabilities in certain systems and then they
>will exploit these systems. Thus, while the tool aids a conscientious
>secure-aware administrator, it does increase the risk to the unwary
>administrator.
>
>You can find this in the following web site:
>http://www.fish.com/~zen/satan/satan-me.html
>
>Tools similar to SATAN have been available for years . One that comes to
Raxco
>Security Toolkit. Actually, this has been renamed as Axent ESM (Enterprise
>Security Manager). I've used it in the past and it is quite good.
|
|
