Date: Thu, 6 Mar 2003 11:37:23 -0500 (EST) From: Mitch Collinsworth <mitch@ccmr.cornell.edu> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: network audit of sendmail Message-ID: <Pine.LNX.4.51.0303061132420.5810@ori.ccmr.cornell.edu> In-Reply-To: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> References: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 6 Mar 2003, Mike Tancsa wrote: > I want to go through my network to a) ensure all my machines are updated > and b)look for customer machines running vulnerable versions of > sendmail. I put together a quick perl script, but its sequential and does > not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend > a tool to do this ? Essentially all I want to do is connect to port 25, > grab the banner and record it next to the IP address. Nessus seems to be > way overkill and I dont see a way in nmap to record the banner > output. Before I spend time to figure out how to use threads (or fork off > processes) in perl, am I re-inventing the wheel so to speak ? Is there a > script out there to do this ? I tried looking through google but didnt find > anything Might it speed things up to go to a 2-pass setup? First nmap the whole network to see what hosts have port 25 open, then go back and collect banner info from just those hosts. For extra credit: pipe the output from the 1st pass into the input of the 2nd pass so it can start checking banners as soon as the 1st pass begins identifying candidates to check. -Mitch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.51.0303061132420.5810>