[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?
- From: Marcin Antkiewicz <fd@xxxxxxxxxx>
- Date: Fri, 16 Feb 2007 22:26:35 -0600 (CST)
On Sat, 17 Feb 2007, pagvac wrote:
> The following script might also help find Solaris telnet servers on
> your network.
[...]
> for IP in `cat $IPSFILE`
> do
> echo "Trying $IP ...";
> if nmap -P0 -n -p23 -sS $IP | grep -i open > /dev/null
> then
> if nmap -P0 -n -p23 -sV $IP | grep -ie 'SunOS' -ie 'Solaris'
> then
> echo "$MESSAGE on $IP"; echo $IP >>
> $0.results; echo $IP | mail -s $MESSAGE $EMAIL
> fi
> fi
> done
The output would be too noisy on a large network. Few weeks ago I ran
something that would go like this:
( echo "Sun bxes with telnet"; \
nmap -n -P0 -iL list -p 23 -O -oG - | \
grep -Ei 'Host.+open.+(Solaris|SunOS)' | \
cut -d ' ' -f 2 \
) | mail -s "Check those" unixadmins@xxxxxxxxxxx
--
Marcin Antkiewicz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/