lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0702162144370.5538@runt.uhhh.org>
Date: Fri, 16 Feb 2007 22:26:35 -0600 (CST)
From: Marcin Antkiewicz <fd@...tek.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Solaris telnet vulnberability - how many on
 yournetwork?

On Sat, 17 Feb 2007, pagvac wrote:
> The following script might also help find Solaris telnet servers on
> your network.

[...]

> for IP in `cat $IPSFILE`
> do
>        echo "Trying $IP ...";
>        if nmap -P0 -n -p23 -sS $IP | grep -i open > /dev/null
>        then
>                if nmap -P0 -n -p23 -sV $IP | grep -ie 'SunOS' -ie 'Solaris'
>                then
>                        echo "$MESSAGE on $IP"; echo $IP >>
> $0.results; echo $IP | mail -s $MESSAGE $EMAIL
>                fi
>        fi
> done


The output would be too noisy on a large network. Few weeks ago I ran 
something that would go like this:


   ( echo "Sun bxes with telnet";                 \
     nmap -n -P0 -iL list -p 23 -O -oG - |        \
     grep -Ei 'Host.+open.+(Solaris|SunOS)' |     \
     cut -d ' ' -f 2                              \
   ) | mail -s "Check those" unixadmins@...mple.com


-- 
Marcin Antkiewicz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ