A Brief History of Security Tools

The tools described in this chapter are designed to search for vulnerabilities. They can be used by security administrators to find and fix problems or by hackers to exploit system and network weaknesses. Vulnerability assessment tools have been around for a while. Dan Farmer and Wietse Venema helped start this genre of software in 1995 when they created one of the first vulnerability assessment programs called Security Administrator Tool for Analyzing Networks (SATAN). This program set the standard for many tools to follow; it made it possible to scan for vulnerable computers through the Internet and provided a variety of functions in one package. Although SATAN was a great tool for security administrators, it was also useful to hackers.

Today, there is an untold number of tools that can be used to scan for vulnerabilities and probe for “open doors.” Some of these are legitimate security tools and others have been written by hackers or those without the best of intentions. As a security professional, you will probably want a keep a variety of these tools handy. Just make sure you have written authorization before using them on a network.