10 messages in org.freebsd.freebsd-securityRe: network audit of sendmail| From | Sent On | Attachments |
|---|---|---|
| Mike Tancsa | Mar 6, 2003 7:41 am | |
| Andrew McNaughton | Mar 6, 2003 8:23 am | |
| Mitch Collinsworth | Mar 6, 2003 8:37 am | |
| Vallo Kallaste | Mar 6, 2003 9:38 am | |
| Renaud Deraison | Mar 6, 2003 12:36 pm | |
| Duncan Patton a Campbell | Mar 6, 2003 12:54 pm | |
| clark shishido | Mar 6, 2003 1:39 pm | |
| Mike Tancsa | Mar 6, 2003 2:43 pm | |
| Mike Tancsa | Mar 6, 2003 2:45 pm | |
| Stanley Hopcroft | Mar 6, 2003 11:31 pm |
| Subject: | Re: network audit of sendmail | |
|---|---|---|
| From: | Andrew McNaughton (and...@scoop.co.nz) | |
| Date: | Mar 6, 2003 8:23:36 am | |
| List: | org.freebsd.freebsd-security | |
Randal Schwartz has a column where he presents a framework for doing this sort of thing.
http://www.stonehenge.com/merlyn/LinuxMag/col15.html
It's not terribly important, but in your code, you could eliminate $i and $total_hosts and loop while ($host++ != $host->broadcast).
Andrew McNaughton
On Thu, 6 Mar 2003, Mike Tancsa wrote:
Date: Thu, 06 Mar 2003 10:41:43 -0500 From: Mike Tancsa <mi...@sentex.net> To: free...@FreeBSD.ORG Subject: network audit of sendmail
I want to go through my network to a) ensure all my machines are updated and b)look for customer machines running vulnerable versions of sendmail. I put together a quick perl script, but its sequential and does not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend a tool to do this ? Essentially all I want to do is connect to port 25, grab the banner and record it next to the IP address. Nessus seems to be way overkill and I dont see a way in nmap to record the banner output. Before I spend time to figure out how to use threads (or fork off processes) in perl, am I re-inventing the wheel so to speak ? Is there a script out there to do this ? I tried looking through google but didnt find anything
---Mike
#!/usr/bin/perl -w use NetAddr::IP; use Net::SMTP;
my ($range, $i,$totalhosts);
#give it something like scan ./smtp-scan.pl 192.168.0.0/16 $range = $ARGV[0];
print "\ntarget range is $range \n";
my $host = new NetAddr::IP($range);
$i=1; $totalhosts = $host->num(); print "total hosts $totalhosts \n";
while ($i < $totalhosts) { $t="\n"; $ip = $host->addr;
if ($smtp = Net::SMTP->new($ip, Helo => 'sendmail-version-check', Timeout => 10) ){ $t = $smtp->banner(); $smtp->quit; } $host=$host+1; print "$ip,\t$t"; $i++; }
---Mike
-------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mi...@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
------------------------------------------------------------------ Andrew McNaughton In Sydney and looking for work and...@scoop.co.nz http://staff.scoop.co.nz/andrew/cv.doc Mobile: +61 422 753 792
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message