I installed and tested SARA on
Linux and Mac OS X. It compiled easily and cleanly on both platforms:
./configure;make; sudo make install.
Sara installs in /usr/local/sara. The first thing you need to
do (as root) is cd there and run "./add_user". This will prompt
for a user name and password that will be used later to authenticate
your access to reports.
You then run SARA to scan hosts or networks:
./sara -a4 10.15.8.42
./sara -a4 10.15.8.0/23
The depth of scanning is controlled by the "-a" argument; a4
is the deepest. It only took a few minutes to scan my
local network (I only have 6 hosts) at that level. You
will probably see messages like
bin/udp_scan: are we talking to a dead host or network?
and it will interfere with communication on your network and
possibly even disconnect you from ssh or telnet sessions.
After it completes, you can find text reports in
/usr/local/sara/results/sara-data or you can view them in a browser
by running "./sara -D" and then
connecting to "http://localhost:666".
The web interface can also scan hosts if you edited /usr/local/sara/config/sara.cf and changed "allow_scan" to "1". Other things like the default
port and allowed hosts can be changed there, and you can also
customize the scanning actions or exclude certain hosts from
being scanned. It's all pretty obvious, but the man page is available on-line if you need it.
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Anthony Lawrence
Find me on Google+
© 2012-07-13 Anthony Lawrence