From owner-freebsd-security Thu Mar 6 13:39:36 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDEE837B405 for ; Thu, 6 Mar 2003 13:39:34 -0800 (PST) Received: from ruminary.org (chiku.ruminary.org [216.218.185.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 74BEC43FAF for ; Thu, 6 Mar 2003 13:39:34 -0800 (PST) (envelope-from clark@ruminary.org) Received: by ruminary.org (Postfix, from userid 1000) id 70C6922E19; Thu, 6 Mar 2003 13:39:34 -0800 (PST) Date: Thu, 6 Mar 2003 13:39:34 -0800 From: clark shishido To: Mike Tancsa Cc: freebsd-security@freebsd.org Subject: Re: network audit of sendmail Message-ID: <20030306213934.GA435@ruminary.org> References: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Mar 06, 2003 at 10:41:43AM -0500, Mike Tancsa wrote: > > I want to go through my network to a) ensure all my machines are updated > and b)look for customer machines running vulnerable versions of > sendmail. I put together a quick perl script, but its sequential and does > not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend > a tool to do this ? Essentially all I want to do is connect to port 25, > grab the banner and record it next to the IP address. take a look at /usr/ports/security/scanssh it already supports ports 22 & 80 to get server type/version number strings for ssh and http. --clark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message