|
SAINTwriter
Note: SAINTwriter will be available
in Fall 2000. The information in this document is
subject to change before the product is released.
SAINTwriter is an additional component to
SAINT which plugs into SAINT's graphical user
interface and allows you to generate a variety customized
reports. SAINTwriter features six pre-configured
reports, four report formats (HTML, text, tab-separated
text, and comma-separated text), and over 50
configuration options. This document will cover the
following areas:
- System Requirements
- Installation
- Registration
- Generating pre-configured reports
- Generating custom reports
- Command-line usage
System Requirements
SAINTwriter requires the following software:
- SAINT 3.0 or higher
- PERL 5.004 or higher, which you already have if
you're running SAINT
- A web browser if you wish to use the GUI. (A
command line interface is
available if you don't have a browser.)
SAINTwriter also has the following system requirements:
- One of the following UNIX platforms:
- Linux (x86)
- FreeBSD (x86)
- Solaris (SPARC)
- About 100k disk space in addition to that required
for SAINT. More may be required if you need to generate
large reports.
- At least 16M memory is recommended. More may be
necessary for very large scans.
Installation
Installation of SAINTwriter can be done in three easy
steps.
- Go to
http://www.wwdsi.com/saintwriter and follow the
instructions for downloading SAINTwriter. Note that
you must choose the correct operating system and
architecture for your system in order for SAINTwriter to
work. If you are not sure which one to download, try
one and see if it works. If you see an eight-digit
serial number on the registration screen,
you chose the right one.
- Set executable mode on the file, i.e.
chmod u+x saintwriter
- Place the downloaded file in the saint-x.x/bin
directory. For example, if you are using saint-3.0, you
would enter:
mv saintwriter saint-3.0/bin
That's all there is to it. SAINTwriter is now ready to use.
Registration
SAINTwriter can be used for free to generate reports
on a limited number of hosts. To use the product in this
fashion, simply install it and begin.
To report on a larger number of hosts, a license key is required.
The key can be generated by registering the product.
To register the product:
- Go to http://www.wwdsi.com/saintwriter
and follow the instructions for registering the product.
The registration procedure will allow you to create
a user account and password.
- When payment is received,
you will be allowed to log into your account and generate
a key to use SAINTwriter. When you generate your
key, you will be asked to enter your specific Class C
network(s).
- Place the key in your saint directory. At
this point you can begin using SAINTwriter.
When you register the product, you will be able to customize
your license. Licenses vary in the number of
Class C networks that may be included in your key,
the maximum number of hosts on those networks that may be
included in your reports, and
the number of times you may re-generate your key for
different sites. The key will correspond to your selection.
Once your key is in place, you will be able
to use it to generate reports on scans of any set of hosts
which meet the conditions of your license.
If the scan includes more hosts than your license allows,
or if it includes hosts on networks
which are not included in your key, then you will see
a message indicating that a subset of the scanned hosts
will be excluded from the report.
Generating Pre-configured Reports
SAINTwriter includes six pre-configured reports
designed to quickly provide reports which will be the
most useful for specific purposes. To generate a pre-configured
report:
- From the SAINT GUI, go to Data Analysis, and
from there go to SAINTwriter.
- Read the descriptions of the six pre-configured
reports and select the one which best suits your needs.
- Do not choose customize. (This option will
be discussed below.)
- Choose the report format.
- HTML is usually the best
choice, and is the only format which allows you to see
pie charts and bar graphs.
- Text is a useful alternative
if you intend to view the report on a machine without a
web browser.
- Tab-separated and comma-separated reports
are useful for importing into documents, spreadsheets,
or databases. These formats are useful with the
Technical Overview report.
- Click on the Continue button to create your report.
If you chose HTML format, you will be able to view the
report at this point. If you chose a different format,
it may appear misformatted. This is okay; it will look
right when it is saved.
- Save the report. In most browsers, this is done by
choosing Save As under the File menu.
In Lynx, the procedure is slightly different; at
the previous step, highlight the Continue button
and press D to save the report.
Generating Custom Reports
To generate a custom report, follow the same procedure
as for a pre-configured
report, selecting the report type you want to customize.
But do check the customize box. When you
click on the continue button, the configuration
screen will appear. The configuration screen is
a form containing every available SAINTwriter option,
pre-loaded with the default values for the report type
you selected. Each item on the configuration screen has
a description of what the item does to the report, so
a description of the individual options will not be
discussed here.
At the top of the configuration screen is a hyperlinked table
of contents to help you navigate through the form. When
you are finished customizing the report, click on the
Go button to save the changes and generate the
report.
The sections of the configuration screen are as follows:
- Charts, Lists, and Technical Details are the
three main sections of the report. Charts present an
overview in the form of pie charts, bar graphs, and tables.
Lists are tables which present more specific information on hosts
and vulnerabilities. Technical details, the most in-depth part
of the report, contains text from SAINT's tutorials. These
sections of the configuration form are where you choose
exactly what parts will and will not be included in the
report, and other options which affect
the way the information is presented.
- Vulnerabilities: This section allows you
to specify which vulnerabilities to include in the report.
There are options to select all vulnerabilities in
a given severity level, and options to select specific
vulnerability categories and services. This part of the
form is generated dynamically; only the vulnerability
categories and services relevent to the current scan
results will be presented as options.
- Sorting: This section allows you to specify
the order in which the hosts, subnets, vulnerability
categories, and tutorials will be sorted.
- Hosts: This section allows you to narrow
your report down to specific domains, IP address
ranges, or host types.
- Format: This section contains the same
format options as the previous screen. If the format
has already been chosen, it will not need to be changed.
- Other options: This section contains
miscellaneous options.
- Go: Go to this section when you are finished
configuring the report. Clicking on the Go button
will save any changes and generate the report.
Command-line Usage
The SAINTwriter graphical user interface acts
as a user-friendly wrapper for SAINTwriter. If the
GUI is not desired, SAINTwriter can be used directly
from the command line instead. This may be desirable
when non-HTML reports are being generated, or on
machines which don't have a browser.
To use SAINTwriter from the command line, change
to the saint-x.x directory (e.g.
saint-2.1.2). The syntax is:
bin/saintwriter [-s] [-c configuration]
The -s option causes SAINTwriter to output the
serial number and then exit.
The -c option specifies
the configuration file. This is typically one of the six
reports: full.cf, long_exec.cf, short_exec.cf, tech.cf, linked_tech.cf,
or detail.cf. But the configuration file can be anything that exists
in the config/saintwriter
directory. If the -c option is omitted, the default
configuration file is full.cf.
The output from SAINTwriter goes directly to standard output,
so you'll usually want to redirect standard output to a
file, e.g.
bin/saintwriter -c full.cf > report.html
Reports can be customized by editing the corresponding
configuration file in the config/saintwriter
directory. (This is also where you need to put
the registration code.) As in SAINT, all
options in SAINTwriter have a corresponding variable in
the SAINTwriter configuration file. The default configuration
files contain descriptive comments to help you configure
the report, and the configuration variables appear in
approximately the same order as in the GUI's configuration
screen.
The only tricky part to editing the configuration by hand
is in the Vulnerabilities
section, and only if you are selecting specific categories rather than
an entire severity level. These options are created
dynamically by the GUI based on the scan results, so
they do not have corresponding variables in the configuration
file by default. If you wish to select a specific vulnerability category
or service, you must create a new variable and set its value
to "on". The variable name is the severity color, followed by
an underscore, followed by the category or service name, with spaces
replaced by underscores. The new variable should be placed between
the "begin vulnerabilities" comment and the "end vulnerabilities"
comment. For example, if you wish to tell SAINTwriter to include
all "http cgi access" vulnerabilities with "red" (critical)
severity, the configuration would look like this:
# Begin vulnerabilities (do not remove this line)
$red_http_cgi_access = "on";
# End vulnerabilities (do not remove this line)
Of course, this is not necessary if the $allreds
variable is set to "on", because this variable
already includes all "red" vulnerabilities.
Back to the Documentation TOC/Index
|