> 1. It is HUGE. It eats up tons of disk and ram space. [...] You don't need to load the whole thing to run the scan (see below). It's disk space requirements are proportional to the number of hosts you plan on scanning. > 2. It requires installing other packages like perl. Most hackers aren't > able to run anything unless it's a no brainer script. "Gee the bad thing > is we've been hacked and someone used SATAN, the good thing is that we > got perl5 and a web browser installed." Fortunately :-) > 3. Since you have to use a web browser, you have to either run SATAN from > the console (umm, really stupid hacker scanning from his own machine) or > redirect the X Display to his own machine (still really stupid). [...] You don't need a web browser to run the scan, the command line works just fine. For example satan -a 2 somehost will run a 'heavy' scan against somehost without going through the browser. The browser becomes really handy when you want to view the results (but even so, it's not essential - you could make do with just grep if you were really stuck). -JS