From owner-freebsd-security Thu Mar 6 8:24: 4 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3516F37B401 for ; Thu, 6 Mar 2003 08:24:01 -0800 (PST) Received: from a2.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id DA10143F75 for ; Thu, 6 Mar 2003 08:23:59 -0800 (PST) (envelope-from andrew@scoop.co.nz) Received: from localhost (localhost [127.0.0.1]) by a2.scoop.co.nz (8.12.8/8.12.2) with ESMTP id h26GNwa7025770; Fri, 7 Mar 2003 05:23:58 +1300 (NZDT) (envelope-from andrew@scoop.co.nz) Date: Fri, 7 Mar 2003 05:23:58 +1300 (NZDT) From: Andrew McNaughton To: Mike Tancsa Cc: freebsd-security@FreeBSD.ORG Subject: Re: network audit of sendmail In-Reply-To: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> Message-ID: <20030307045418.H3185@a2.scoop.co.nz> References: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Randal Schwartz has a column where he presents a framework for doing this sort of thing. http://www.stonehenge.com/merlyn/LinuxMag/col15.html It's not terribly important, but in your code, you could eliminate $i and $total_hosts and loop while ($host++ != $host->broadcast). Andrew McNaughton On Thu, 6 Mar 2003, Mike Tancsa wrote: > Date: Thu, 06 Mar 2003 10:41:43 -0500 > From: Mike Tancsa > To: freebsd-security@FreeBSD.ORG > Subject: network audit of sendmail > > > I want to go through my network to a) ensure all my machines are updated > and b)look for customer machines running vulnerable versions of > sendmail. I put together a quick perl script, but its sequential and does > not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend > a tool to do this ? Essentially all I want to do is connect to port 25, > grab the banner and record it next to the IP address. Nessus seems to be > way overkill and I dont see a way in nmap to record the banner > output. Before I spend time to figure out how to use threads (or fork off > processes) in perl, am I re-inventing the wheel so to speak ? Is there a > script out there to do this ? I tried looking through google but didnt find > anything > > ---Mike > > #!/usr/bin/perl -w > use NetAddr::IP; > use Net::SMTP; > > my ($range, $i,$totalhosts); > > #give it something like scan ./smtp-scan.pl 192.168.0.0/16 > $range = $ARGV[0]; > > print "\ntarget range is $range \n"; > > my $host = new NetAddr::IP($range); > > $i=1; > $totalhosts = $host->num(); > print "total hosts $totalhosts \n"; > > while ($i < $totalhosts) { > $t="\n"; > $ip = $host->addr; > > if ($smtp = Net::SMTP->new($ip, Helo => 'sendmail-version-check', > Timeout => 10) ){ > $t = $smtp->banner(); > $smtp->quit; > } > $host=$host+1; > print "$ip,\t$t"; > $i++; > } > > ---Mike > -------------------------------------------------------------------- > Mike Tancsa, tel +1 519 651 3400 > Sentex Communications, mike@sentex.net > Providing Internet since 1994 www.sentex.net > Cambridge, Ontario Canada www.sentex.net/mike > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > ------------------------------------------------------------------ Andrew McNaughton In Sydney and looking for work andrew@scoop.co.nz http://staff.scoop.co.nz/andrew/cv.doc Mobile: +61 422 753 792 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message