WHY NOT TO USE FARMER & VENEMA'S "SATAN" NETWORK-SECURITY CHECKER


There aren't _really_ compelling reasons, but you should be aware
of SATAN's built-in problems.

SATAN has not been maintained since 1995 (v. 1.1.1).  The authors' original
hope was for third-party plug-ins to keep it up to date, but the project
appears to be pretty much dead.

The package's licence is mostly a free-software one, but not entirely:
Most rights to money-making use of the package as a whole are _not_ 
granted to users, and some of the constituent modules provided by
Farmer and Venema are, individually, under restrictive licences.

Additionally, some source modules (such as the MD5 code) are potentially 
subject to USA export restrictions (which have been inoperative on 
no-charge source-provided encryption code from late 2000 onwards).

The latest SATAN is always available at ftp://ftp.porcupine.org/pub/security/.

A proprietary (and much more so, in fact) successor cropped up after
SATAN started stagnating, called SAINT
(http://www.saintcorporation.com/products/saint_engine.html).  This
should not be confused with NetSaint (which has now been renamed to
Nagios, http://www.nagios.org/), which is a network-monitoring package.
One similar open-source package is VLAD the Scanner:
http://razor.bindview.com/tools/vlad/

COPS does a similar job, but only for the host it's running on, not the 
adjoining network.


Most people, these days, would use snort (http://www.snort.org/) or
Prelude IDS (http://www.prelude-ids.org/) as a networked intrusion
detection system (NIDS).