SARA was created to provide updated SATAN functionality to the mainstream security community. With the optional report writer, SARA provides excellent networking scanning capabilities without the associated cost of commercial packages. SARA/SATAN design goals were:
Toolkit approach
It would be cost prohibitive to write all of the functionality necessary to
make SARA work. We
decided from the start to use as much information, tools, and
methodologies from the OpenSource/GPL community as possible to create SARA.
In particular, using perl and the HTML interface were vital to the
completion of the package.
Speed/optimization
Optimizing SARA for speed of execution was not much of a design
consideration. It was designed to be an information gathering tool
that would be run periodically; a fairly large network (say, a
thousand nodes) can be scanned in several hours. In all likelihood, the
majority of time consumed when using SARA will be deciding on what
actions to take based on the results that were found. In any case, the
network timeouts and uncertainties make real optimization very
difficult. Fortunately, perl was fast enough (thanks, Larry!) to make
performance a non-issue for most network queries and work.