SARA Secuity Scanner

I installed and tested SARA on Linux and Mac OS X. It compiled easily and cleanly on both platforms: ./configure;make; sudo make install.

Sara installs in /usr/local/sara. The first thing you need to do (as root) is cd there and run "./add_user". This will prompt for a user name and password that will be used later to authenticate your access to reports.


Hate these ads?


You then run SARA to scan hosts or networks:

./sara -a4 10.15.8.42
./sara -a4 10.15.8.0/23

The depth of scanning is controlled by the "-a" argument; a4 is the deepest. It only took a few minutes to scan my local network (I only have 6 hosts) at that level. You will probably see messages like

bin/udp_scan: are we talking to a dead host or network?

and it will interfere with communication on your network and possibly even disconnect you from ssh or telnet sessions.

After it completes, you can find text reports in /usr/local/sara/results/sara-data or you can view them in a browser by running "./sara -D" and then connecting to "http://localhost:666".

image of sara results






The web interface can also scan hosts if you edited /usr/local/sara/config/sara.cf and changed "allow_scan" to "1". Other things like the default port and allowed hosts can be changed there, and you can also customize the scanning actions or exclude certain hosts from being scanned. It's all pretty obvious, but the man page is available on-line if you need it.


Technorati tags:

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them.

I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.




Comments


Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments

If you want a picture to show with your comment, go get a Gravatar


ad

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here


book graphic unix and linux troubleshooting guide

My Troubleshooting E-Book will show you how to solve tough problems on Linux and Unix systems!





pavatar.jpg
More:
       - Security
       - MacOSX
       - Linux
       - Unix











Change Congress