[ Thanks to AppWatch
Staff for this announcement: ]
Version 2.0 of the Security Administrator’s Integrated Network
Tool (SAINT) has just been released, with new checks for many
recent remote exploits, including the ht://Dig exploit.
A
history of changes and the relevant
links are available at AppWatch.com.
“SAINT is the Security Administrator’s Integrated Network Tool. In
its simplest mode, it gathers as much information about remote
hosts and networks as possible by examining such network services
as finger, NFS, NIS, ftp and tftp, rexd, statd, and other services.
The information gathered includes the presence of various network
information services as well as potential security flawsusually in
the form of incorrectly setup or configured network services,
well-known bugs in system or network utilities, or poor or ignorant
policy decisions. It can then either report on this data or use a
simple rule-based system to investigate any potential security
problems. Users can then examine, query, and analyze the output
with an HTML browser, such as Mosaic, Netscape, or Lynx. While the
program is primarily geared towards analyzing the security
implications of the results, a great deal of general network
information can be gained when using the toolnetwork topology,
network services running, types of hardware and software being used
on the network, etc.”