SAINT Documentation
SAINT Corporation
SAINT Home
--------

SAINTwriter

SAINTwriter™ is an additional component to SAINT which plugs into SAINT's graphical user interface and allows you to generate a variety of customized reports. SAINTwriter™ features seven pre-configured reports, four report formats (HTML, text, tab-separated text, and comma-separated text), and over 50 configuration options. This document will cover the following areas:

  1. System Requirements
  2. Installation
  3. Registration
  4. Generating pre-configured reports
  5. Generating custom reports
  6. Command-line usage

System Requirements

SAINTwriter™ requires the following software:
  • SAINT 3.0 or higher
  • PERL 5.004 or higher, which you already have if you're running SAINT
  • A web browser if you wish to use the GUI. (A command line interface is available if you don't have a browser.)
SAINTwriter™ also has the following system requirements:
  • One of the following UNIX platforms:
    • Linux (x86)
    • Solaris (SPARC)
    • HP-UX 11
    • FreeBSD (x86)
    • OpenBSD (x86)
  • About 100k disk space in addition to that required for SAINT. More may be required if you need to generate large reports.
  • At least 16M memory is recommended. More may be necessary for very large scans.

Installation

Installation of SAINTwriter™ can be done in three easy steps.
  1. Go to http://www.saintcorporation.com/saintwriter and follow the instructions for downloading SAINTwriter. Note that you must choose the correct operating system and architecture for your system in order for SAINTwriter to work. If you are not sure which one to download, try one and see if it works. If you see an eight-digit serial number on the registration screen, you chose the right one.
  2. Place the downloaded file in your saint-x.x directory, where x.x is your version of SAINT. For example, if you are using SAINT™ 3.0:
    mv saintwriter-install.gz saint-3.0
    cd saint-3.0
  3. gunzip the file. (If your browser dropped the .gz extension from the filename, then first rename it so it ends in .gz.)
  4. Set executable mode on the file, i.e.
    chmod u+x saintwriter-install
  5. Run the installation program:
    ./saintwriter-install
That's all there is to it. SAINTwriter is now ready to use.

Registration

SAINTwriter™ can be used for free to generate reports on a limited number of hosts. To use the product in this fashion, simply install it and begin. To report on a larger number of hosts, a license key is required. The key can be generated by registering the product.

To register the product:

  1. Go to http://www.saintcorporation.com/saintwriter and follow the instructions for registering the product. The registration procedure will allow you to create a user account and password.
  2. When payment is received, you will be allowed to log into your account and generate a key to use SAINTwriter™. When you generate your key, you will be asked to enter your specific Class C network(s).
  3. Place the key in your saint directory. At this point you can begin using SAINTwriter™.
When you register the product, you will be able to customize your license. Licenses vary in the number of hosts that may be included in your reports, and in the IP address range of the target network. The key will correspond to your selection. Once your key is in place, you will be able to use it to generate reports on scans of any set of hosts which meet the conditions of your license. If the scan includes more hosts than your license allows, or if it includes hosts on networks which are not included in your key, then you will see a message indicating that a subset of the scanned hosts will be excluded from the report.

Generating Pre-configured Reports

SAINTwriter™ includes seven pre-configured reports designed to quickly provide reports which will be the most useful for specific purposes. To generate a pre-configured report:
  1. From the SAINT GUI, go to Data Analysis, and from there go to SAINTwriter.
  2. Read the descriptions of the seven pre-configured reports and select the one which best suits your needs.
  3. For Trend Analysis reports only: Choose the data sets which you wish to be included in the trend analysis. Hosts and vulnerabilities will be tracked chronologically across the data sets you choose, producing history charts and status classifications.
  4. Choose the report format.
    • HTML is usually the best choice, and is the only format which allows you to see pie charts and bar graphs.
    • Text is a useful alternative if you intend to view the report on a machine without a web browser.
    • Tab-separated and comma-separated reports are useful for importing into documents, spreadsheets, or databases. These formats are useful with the Technical Overview report.
  5. Click on the Continue button to create your report. You will be able to view the report at this point.
  6. Save the report. In most browsers, this is done by choosing Save As under the File menu. In Lynx, the procedure is slightly different; at the previous step, highlight the Continue button and press D to save the report.

Generating Custom Reports

To generate a custom report, follow the same procedure as for a pre-configured report, but select Other as the report type. Enter a name for the new report type, and choose one of the seven pre-configured report types to use as a template. When you click on the continue button, the configuration screen will appear. The configuration screen is a form containing every available SAINTwriter option, pre-loaded with the default values for the template you selected. Each item on the configuration screen has a description of what the item does to the report, so a description of the individual options will not be discussed here.

At the top of the configuration screen is a hyperlinked table of contents to help you navigate through the form. When you are finished customizing the report, click on the Go button to save the changes and generate the report.

The sections of the configuration screen are as follows:

  • Charts, Lists, and Technical Details are the three main sections of the report. Charts present an overview in the form of pie charts, bar graphs, and tables. Lists are tables which present more specific information on hosts and vulnerabilities. Technical details, the most in-depth part of the report, contains text from SAINT's tutorials. These sections of the configuration form are where you choose exactly what parts will and will not be included in the report, and other options which affect the way the information is presented.
  • Vulnerabilities: This section allows you to specify which vulnerabilities to include in the report. There are options to select all vulnerabilities in a given severity level, and options to select specific vulnerability categories and services. This part of the form is generated dynamically; only the vulnerability categories and services relevent to the current scan results will be presented as options.
  • Sorting: This section allows you to specify the order in which the hosts, subnets, vulnerability categories, and tutorials will be sorted.
  • Hosts: This section allows you to narrow your report down to specific domains, IP address ranges, or host types.
  • Format: This section contains the same format options as the previous screen. If the format has already been chosen, it will not need to be changed.
  • Trend Analysis: This section allows you to choose which data sets to analyze in Trend Analysis reports, and offers several options which affect how the status categories are formed.
  • Other options: This section contains miscellaneous options.
  • Go: Go to this section when you are finished configuring the report. Clicking on the Go button will save any changes and generate the report. The configuration changes will be available for future use by choosing Other as the report type, and selecting the report type by name from the drop-down menu.

Command-line Usage

The SAINTwriter™ graphical user interface acts as a user-friendly wrapper for SAINTwriter. If the GUI is not desired, SAINTwriter can be used directly from the command line instead. This may be desirable when non-HTML reports are being generated, or on machines which don't have a browser.

To use SAINTwriter™ from the command line, change to the saint-x.x directory (e.g. saint-3.4). The syntax is:

bin/saintwriter [-s] [-v] [-c configuration]
The -s option causes SAINTwriter to output the serial number and then exit.

The -v option causes SAINTwriter to output the version number and then exit.

The -c option specifies the configuration file. This is typically one of the seven reports: full.cf, long_exec.cf, short_exec.cf, tech.cf, linked_tech.cf, detail.cf, or trend.cf. But the configuration file can be anything that exists in the config/saintwriter directory. If the -c option is omitted, the default configuration file is full.cf.

The output from SAINTwriter goes directly to standard output, so you'll usually want to redirect standard output to a file, e.g.

bin/saintwriter -c full.cf > report.html
Reports can be customized by editing the corresponding configuration file in the config/saintwriter directory. (This is also where you need to put the registration code.) As in SAINT, all options in SAINTwriter have a corresponding variable in the SAINTwriter configuration file. The default configuration files contain descriptive comments to help you configure the report, and the configuration variables appear in approximately the same order as in the GUI's configuration screen.

The only tricky parts to editing the configuration by hand are in the Vulnerabilities section and the Trend Analysis section, and only if you are selecting specific categories rather than an entire severity level or multiple data sets for trend analysis. These options are created dynamically by the GUI based on the scan results, so they do not have corresponding variables in the configuration file by default.

If you wish to select a specific vulnerability category or service, you must create a new variable and set its value to "on". The variable name is the severity color, followed by an underscore, followed by the category or service name, with spaces replaced by underscores. The new variable should be placed between the "begin vulnerabilities" comment and the "end vulnerabilities" comment. For example, if you wish to tell SAINTwriter to include all "http cgi access" vulnerabilities with "red" (critical) severity, the configuration would look like this:

# Begin vulnerabilities (do not remove this line)
$red_http_cgi_access = "on";
# End vulnerabilities (do not remove this line)
Of course, this is not necessary if the $allreds variable is set to "on", because this variable already includes all "red" vulnerabilities.

If you wish to select a data set to include in a trend analysis report, you must create a new variable whose name is the word "dataset", followed by the name of the data set in curly brackets ({}). The value of the variable should be set to "on". The new variable should be placed between the "begin data sets" comment and the "end data sets" comment. For example, to tell SAINTwriter to analyze the data sets called "Jan", "Feb", and "Mar", the configuration would look like this:

# Begin data sets (do not remove this line)
$dataset{'Jan'} = "on";
$dataset{'Feb'} = "on";
$dataset{'Mar'} = "on";
# End data sets (do not remove this line)
Back to the Documentation TOC/Index