Updated SAINT 2.2 --> 3.0: Changes described below

9/6/00   Changed RDS vulnerability back to red severity
	 due to user feedback. Changed RDS check to
	 that used by ARC.

9/6/00   Changed the first line of each perl script
	 to /usr/bin/perl, the standard path for Linux,
	 so RPMs will work. The path gets replaced
	 by reconfig anyway.

9/7/00   Added saint.1 man page.

9/7/00   Added GNU autoconf-generated "configure" script
	 and "Makefile.in" template. Moved original
	 Makefile to "old". Modified README to reflect
	 new compilation procedure.

9/7/00   Modified reconfig to make output more like that
	 of the configure script, since it gets called
	 from the configure script now.

9/8/00   Updated the ntop check and tutorial to reflect
	 the newly announced buffer overflow condition.

9/13/00  Added check for the Qaz trojan/worm contributed
	 by Tom Payerle.

9/13/00  Added check for 9704/TCP and ingreslock backdoors.

9/13/00  Increased timeout value for http.saint and smb.saint.
	 Slightly increased timeout for tcpscan and udpscan.
	 Set all the special timeouts to $long_timeout instead
	 of static values. Increased $long_timeout to 60.

9/14/00  Added check for YaBB.

9/14/00  Increased timeout value for snmp.saint.

9/14/00  Added supporting scripts for SAINTwriter.

9/18/00  Added check for scohelphttp vulnerability.

9/18/00  Added check for MultiHTML and Mobius DocumentDirect.

9/18/00  Released 3.0 beta 1.

9/20/00  Put linux/limits.h check before sys_errlist check
	 in configure script to fix a problem on RedHat 6.2.
	 Thanks to Sheila Franklin for providing config.log.

9/20/00  Added more includes to the netinet check in
	 configure in an attempt to make it work on SunOS 4.
	 Thanks to James Bys for providing config.log.

9/20/00  Changed tcp_scan.c to recognize "connection reset
	 by peer" (ECONNRESET) as a successful connection.
	 This is sometimes needed to catch SSH.

9/20/00  Changed run-saint.pl to check that the fqdn actually
	 resolves back to the original target. This fixes
	 situations where non-matching forward and reverse DNS
	 cause the wrong host to be scanned.

9/21/00  Changed html.pl so $my_address takes priority over
	 getfqdn() when setting $THIS_HOST. Updated FAQ.

9/25/00  Removed check for open shares when guest/administrator
	 password is null, since this always results in
	 false alarms.

9/25/00  Added port 23 to top-10 scanlevel so it will check
	 for unpassworded root accounts when telnet is open.

9/26/00  Updated cmsd.saint to detect cmsd on Solaris 2.6 and 7.

10/2/00  Modified http.saint to detect cgi shells which return
	 500 Internal Server Error.

10/2/00  Added check for Net Tools PKI Server.

10/2/00  Updated the CVE Candidates list.

10/2/00  Added check for IBM Net.data db2www.

10/2/00  Changed snmp.saint. Community string guesses are
	 now kept in a list instead of a hash, so we can
	 control the order and put the common ones first.

10/2/00  Released 3.0 beta 2.

Updated SAINT 2.1.3 --> 2.2: Changes described below

8/21/00  Updated rpc_statd tutorial to reference new
	 CERT advisory 2000-17.

8/21/00  Added check for Specialized Header vulnerability
	 in Microsoft web servers.

8/22/00  Added check for Smurf and Fraggle. Relabeled
	 the chargen vulnerable to, more appropriately,
	 UDP bomb, now that we're really checking for Fraggle.
	 (NMAP required for this check.)

8/23/00  Added -n option for $target_netmask (needed
	 for smurf.saint.) Modified shell.pl to allow
	 quoted arguments, and todo.pl to allow targets
	 which are network addresses (indicated by a
	 trailing slash) if subnet expansion is on.

8/23/00  Added check for ntop vulnerability.

8/23/00  Modified linux-new target to include headers
	 in /usr/src/linux/include for broken RedHat 6.2 systems.
	 (Thanks to Allan Clark.)

8/23/00  More changes in support of smurf.saint.
	 Modified drop_old_facts and drop_old_todos to drop
	 records for target's associated network/broadcast addresses.

8/23/00  Released 2.2 beta 1.

8/24/00  Made changes to http.saint, tcpscan.saint,
	 and rules/services for ntop check to work.
	 Released patch 1.

8/25/00  Added check for netauth.cgi and htgrep.

8/25/00  Added check for bboard vulnerability in
	 SUN Java Web Server.

8/25/00  Fixed sunos5/solaris bug in nfs-chk by
	 linking to rpcsvc and rpcsoc libraries.
	 Thanks to Stefan Rapp.

8/31/00  Changed cgi-bin/perl from http_cgi_info (brown)
	 to http_cgi_shells (red). Changed ODBC RDS
	 to brown.

8/31/00  Added todo rule to check root account for
	 empty password whenever telnet is open, and
	 to check every account for trust using rsh.

8/31/00  Modified smb.saint to check for unpassworded
	 guest and administrator accounts and to
	 distinguish between readable and writable shares.

9/5/00   Added check for Trinity.

9/5/00   Released SAINT 2.2.

For previous changes see READMEs/CHANGES-2.1
