[SARA IMAGE] SARA Reference

(Security Administrator Research Assistant)


  1. SARA Architecture
    1. Architecture overview
    2. Magic cookie generator
    3. Policy engine
    4. Proximity levels
    5. Target acquisition
    6. Subnet scan
    7. Data acquisition
    8. Scanning levels
    9. Inference engine
    10. Reporting and Analysis

  2. The SARA User Interface
    1. The Basics
    2. Gathering Data
    3. Data Management
    4. Looking at and understanding the results
    5. Hints, Further tricky security implications, or Getting The Big Picture (tm)
    6. The Command-line Interface

  3. The most important file of all - sara.cf

  4. The SARA database record format
    1. facts - just the facts, m'am
    2. all-hosts - all the hosts seen
    3. todo - all the things it did

  5. SARA Rulesets - what makes SARA Go
    1. Overriding/dropping SARA data
    2. Generating new facts
    3. Ascertaining host types
    4. Determining network services
    5. Creating internal task lists
    6. Trust relation classification

  6. Adding your own probes and vulnerabilities


Back to the Documentation TOC