Update for controversial network security tool

SAINT is based on Dan Farmer and Wietse Venema's controversial security scanning tool SATAN but is developed and supported by WWDSI. It scans networked machines and reports which services -- e.g. http, ftp, finger and NFS -- are available, highlighting any security holes that may exist in individual hosts or the overall network configuration. It runs on many versions of UNIX, including Linux, but not MS Windows. However, SAINT's use of a Web front-end means that it can be installed on a UNIX server and controlled from any computer with a Web browser.

Version 1.3.6 of SAINT fixes compilation problems on Sun Solaris 7 and a false alarm that was formerly generated for writable FTP directories on Microsoft IIS servers. It speeds up the scanning of IMAP servers, adds a test for recently uncovered vulnerabilities in SSH -- Secure Shell -- and has improved detection of TCP Wrapper installations. SAINT's modular design allows users to add tests for other security problems.

SAINT can be downloaded for free but those without access to a suitable UNIX machine can avail themselves of WWDSI's online scanning service. Assessments cost $50 for a single machine or $1,000 for a network of up to 256 IP addresses.