Date: Thu, 06 Mar 2003 10:41:43 -0500 From: Mike Tancsa <mike@sentex.net> To: freebsd-security@freebsd.org Subject: network audit of sendmail Message-ID: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca>
next in thread | raw e-mail | index | archive | help
I want to go through my network to a) ensure all my machines are updated
and b)look for customer machines running vulnerable versions of
sendmail. I put together a quick perl script, but its sequential and does
not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend
a tool to do this ? Essentially all I want to do is connect to port 25,
grab the banner and record it next to the IP address. Nessus seems to be
way overkill and I dont see a way in nmap to record the banner
output. Before I spend time to figure out how to use threads (or fork off
processes) in perl, am I re-inventing the wheel so to speak ? Is there a
script out there to do this ? I tried looking through google but didnt find
anything
---Mike
#!/usr/bin/perl -w
use NetAddr::IP;
use Net::SMTP;
my ($range, $i,$totalhosts);
#give it something like scan ./smtp-scan.pl 192.168.0.0/16
$range = $ARGV[0];
print "\ntarget range is $range \n";
my $host = new NetAddr::IP($range);
$i=1;
$totalhosts = $host->num();
print "total hosts $totalhosts \n";
while ($i < $totalhosts) {
$t="\n";
$ip = $host->addr;
if ($smtp = Net::SMTP->new($ip, Helo => 'sendmail-version-check',
Timeout => 10) ){
$t = $smtp->banner();
$smtp->quit;
}
$host=$host+1;
print "$ip,\t$t";
$i++;
}
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.2.0.9.0.20030306094902.06e759a8>