1.  Change log started with V 1.3.1

2.  Version 1.3.1 contains the following updates

	a.  Fixed rstatd.saint
	b.  Improved sendmail detection (sendmail.saint)
	c.  Tweaked the rules/facts and services files
	d.  Changed and added attack levels (see below)
	f.  Corrected some yellow/brown confusion

3.  During a SAINT assessmnet of a large customer site, we 
(wwwdsi and customer) discovered that SAINT with a heavy attack
level would cause the slow (and sometimes fast) crashing of Windows
NT systems.  We discovered two problems.  They are:

	a.  Microsoft's SMS client, which listens to UDP ports
	    1761 and 1762 will slowly consume memory (1 to 24 hours
	    to exhaust memory) whne scanned.  This was an 
	    unreported vulnerability in SMS.  

	b.  Oracle under Windows NT (and maybe other OS) listens
	    to TCP port 1526.  If a random sequence of characters
	    is sent to this port, the server will crash.  This is
	    a recently reported vulnerability.

As a reslt, wwdsi modified the definition of the "heavy" attack 
level.  "Heavy" will avoid these ports.  A new attack level, 
"heavy+", has been defined.  It is the similar to "heavy" but will 
not avoid these ports.


