[Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?
fd at kajtek.org
Sat Feb 17 04:26:35 GMT 2007
On Sat, 17 Feb 2007, pagvac wrote:
> The following script might also help find Solaris telnet servers on
> your network.
> for IP in `cat $IPSFILE`
> echo "Trying $IP ...";
> if nmap -P0 -n -p23 -sS $IP | grep -i open > /dev/null
> if nmap -P0 -n -p23 -sV $IP | grep -ie 'SunOS' -ie 'Solaris'
> echo "$MESSAGE on $IP"; echo $IP >>
> $0.results; echo $IP | mail -s $MESSAGE $EMAIL
The output would be too noisy on a large network. Few weeks ago I ran
something that would go like this:
( echo "Sun bxes with telnet"; \
nmap -n -P0 -iL list -p 23 -O -oG - | \
grep -Ei 'Host.+open.+(Solaris|SunOS)' | \
cut -d ' ' -f 2 \
) | mail -s "Check those" unixadmins at example.com
Full-Disclosure is hosted and sponsored by Secunia.