Date: Fri, 7 Mar 2003 05:23:58 +1300 (NZDT) From: Andrew McNaughton <andrew@scoop.co.nz> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: network audit of sendmail Message-ID: <20030307045418.H3185@a2.scoop.co.nz> In-Reply-To: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca> References: <5.2.0.9.0.20030306094902.06e759a8@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Randal Schwartz has a column where he presents a framework for doing this sort of thing. http://www.stonehenge.com/merlyn/LinuxMag/col15.html It's not terribly important, but in your code, you could eliminate $i and $total_hosts and loop while ($host++ != $host->broadcast). Andrew McNaughton On Thu, 6 Mar 2003, Mike Tancsa wrote: > Date: Thu, 06 Mar 2003 10:41:43 -0500 > From: Mike Tancsa <mike@sentex.net> > To: freebsd-security@FreeBSD.ORG > Subject: network audit of sendmail > > > I want to go through my network to a) ensure all my machines are updated > and b)look for customer machines running vulnerable versions of > sendmail. I put together a quick perl script, but its sequential and does > not scan in parallel. (this is slow for 16,000 hosts). Can anyone recommend > a tool to do this ? Essentially all I want to do is connect to port 25, > grab the banner and record it next to the IP address. Nessus seems to be > way overkill and I dont see a way in nmap to record the banner > output. Before I spend time to figure out how to use threads (or fork off > processes) in perl, am I re-inventing the wheel so to speak ? Is there a > script out there to do this ? I tried looking through google but didnt find > anything > > ---Mike > > #!/usr/bin/perl -w > use NetAddr::IP; > use Net::SMTP; > > my ($range, $i,$totalhosts); > > #give it something like scan ./smtp-scan.pl 192.168.0.0/16 > $range = $ARGV[0]; > > print "\ntarget range is $range \n"; > > my $host = new NetAddr::IP($range); > > $i=1; > $totalhosts = $host->num(); > print "total hosts $totalhosts \n"; > > while ($i < $totalhosts) { > $t="\n"; > $ip = $host->addr; > > if ($smtp = Net::SMTP->new($ip, Helo => 'sendmail-version-check', > Timeout => 10) ){ > $t = $smtp->banner(); > $smtp->quit; > } > $host=$host+1; > print "$ip,\t$t"; > $i++; > } > > ---Mike > -------------------------------------------------------------------- > Mike Tancsa, tel +1 519 651 3400 > Sentex Communications, mike@sentex.net > Providing Internet since 1994 www.sentex.net > Cambridge, Ontario Canada www.sentex.net/mike > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > ------------------------------------------------------------------ Andrew McNaughton In Sydney and looking for work andrew@scoop.co.nz http://staff.scoop.co.nz/andrew/cv.doc Mobile: +61 422 753 792 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030307045418.H3185>