The html/reporting Directory

The html/reporting directory contains PERL scripts that emit HTML pages that provide summary reports of the vulnerabilities found on targets listed in the SATAN database. The reports can sort by many categories, as can be seen by the large number of scripts. Note the one-to-one correspondence between these filenames and the report screens found in the SATAN, the report “SATAN Information by Subnet” is generated by satan_info_subnet.pl:

•  html/reporting/analysis.pl-. Displays the “SATAN Reporting and Analysis” web page

•  html/reporting/sort_hosts.pl-. Sorts hosts based on specified summary report criteria

•  html/reporting/satan_info_name.pl

•  html/reporting/satan_info_subnet.pl

•  html/reporting/satan_severity_hosts.pl

•  html/reporting/satan_severity_types.pl

•  html/reporting/satan_severity_counts.pl

•  html/reporting/satan_results_danger.pl

•  html/reporting/satan_info_OS.pl

•  html/reporting/satan_info_OSclass.pl

•  html/reporting/satan_results_subnet.pl

•  html/reporting/satan_info_servers.pl

•  html/reporting/satan_info_domain.pl

•  html/reporting/satan_info_trusting.pl

•  html/reporting/satan_info_class.pl

•  html/reporting/satan_info_host.pl

•  html/reporting/satan_info_OStype.pl

•  html/reporting/satan_info_clients.pl

•  html/reporting/satan_info_host_action.pl

•  html/reporting/satan_results_domain.pl

•  html/reporting/satan_info_trusted.pl

•  html/reporting/satan_results_trusted.pl

•  html/reporting/satan_results_trusting.pl

The html/running Directory

The html/running directory contains the two PERL scripts that begin and control the SATAN scans:

•  html/running/satan_run_form.pl. Runs in response to the selection of SATAN Target Selection from the SATAN Control Panel

•  html/running/satan_run_action.pl. Executes the SATAN scan and collects the data when the previous SATAN Run Form screen’s Start the scan field is selected

The html/tutorials Directory

The html/tutorials directory contains useful web pages for understanding SATAN and the vulnerabilities that SATAN finds (the filenames are self-explanatory):

•  html/tutorials/vulnerability_tutorials.pl

•  html/tutorials/first_time/analyzing.html

•  html/tutorials/first_time/learning_to_use.html

•  html/tutorials/first_time/make.html

•  html/tutorials/first_time/scanning.html

The html/tutorials/vulnerability Directory

The html/tutorials/vulnerability directory contains web page tutorial help on each of the vulnerabilities searched for by SATAN, including links to appropriate resources that offer more information:

•  html/tutorials/vulnerability/-NFS_export_to_unprivileged_programs.html

•  html/tutorials/vulnerability/-NFS_export_via_portmapper.html

•  html/tutorials/vulnerability/NIS_password_file_access.html

•  html/tutorials/vulnerability/REXD_access.html

•  html/tutorials/vulnerability/TFTP_file_access.html

•  html/tutorials/vulnerability/remote_shell_access.html

•  html/tutorials/vulnerability/unrestricted_NFS_export.html

•  html/tutorials/vulnerability/-unrestricted_X_server_access.html

•  html/tutorials/vulnerability/-writable_FTP_home_directory.html

•  html/tutorials/vulnerability/Sendmail_vulnerabilities.html

•  html/tutorials/vulnerability/FTP_vulnerabilities.html

•  html/tutorials/vulnerability/unrestricted_modem.html

•  html/tutorials/vulnerability/-SATAN_password_disclosure.html

The html/admin Directory

The html/admin directory contains the PERL scripts that permit a user to dynamically configure the satan.cf settings from the web browser, without having to manually edit the config/satan.cf file. The files in this directory create the SATAN Configuration Management screen and execute configuration changes requested from that screen:

•  html/admin/satan_cf_form.pl. Displays the SATAN Configuration Management Web page

•  html/admin/satan_cf_action.pl. Executes the changes indicated by the SATAN Configuration Management web page, and displays the results of the status of those requested changes

The html/data Directory

The html/data directory contains the PERL scripts that a user invokes to examine or manipulate existing SATAN databases. SATAN stores the results of scans into databases using a standard database record format. These text databases can be merged together or opened for the generation of reports. The files in this directory create the SATAN Data Management screen and execute the actions requested from that screen:

•  html/data/satan_data_form.pl. Displays the SATAN Data Management web page

•  html/data/satan_merge_action.pl. Opens the requested SATAN database and merges it with another

•  html/data/satan_open_action.pl. Opens the requested SATAN database

The src Directory

The src directory contains C source for several utility programs. These are written in C for increased speed and compatibility. The top-level make will invoke makes in each of these directories, which will deposit the executable in the bin directory.

The src/boot Directory

The boot program generates an rpc call to the target system requesting the BOOTPARAM service to get the NIS domain name. As defined by the rules files, this program is invoked by boot.satan only if the remote portmap listing indicates the bootparam service:

•  src/boot/Makefile. Makes the boot program

•  src/boot/boot.c. Contains the boot client program

•  src/boot/bootparam_prot.x. rpcgen uses this .x file to generate the RPC stubs to support boot.c