Money, endorsements, recording contracts, etc.
For the record, no one gave us any money to build the tool; the development was done on our own time and equipment. No one (including our current employers) endorses or directly supports it.
Why does it scan sites other than your own?
All the hosts scanned with SATAN are done so because it gives a clearer
picture of what the network security of your site is, by examining the
webs of trust and the possible avenues of approach or attack. Since there is
no way that SATAN could, a priori, know where it is going to scan, we
decided that instead of placing artificial constraints on the program, we
would allow the system administrator to place their own constraints on
where SATAN would run, via the configuration file
Why wasn't there a limited distribution, to only the "white hats"?
History has shown that attempts to limit distribution of most security
information and tools has only made things worse. The "undesirable"
elements of the computer world will obtain them no matter what you do,
and people that have legitimate needs for the information are denied it
because of the inherently arbitrary and unfair limitations that are set up
when restricting access.
We're almost certainly going to continue development on SATAN. At the
top of our wish list is a way to graphically display the network maps,
especially with respect to the webs of trust. This is a hard problem!
Our main goal right now is to get a solid product out, and see how it's
received by the world; the response will drive our development. In
addition, we haven't had much of a chance to play with the program
ourselves, so once the dust clears, we'll probably have a better view of
where we'll take the program.