Re: Network Scan

[shawnmer <shawnmer () io com>]

Hmmm...thoughts on the following?

1.  Run a SSH server on each Windows station
2.  Upload Cygwin's Find program and needed DLLs
3.  Schedule an AT command on the Windows station (remotely through the 
SSH connection) to look, using find, for the file extensons you're looking 
for and output results to a file. 
4.  Use smbclient to retrieve the output file.
5.  Reschedule the AT command.

-scm


W:WhtWlf2001

W>All,
W>
W>I'm looking to find a tool or the best way to accomplish the following:
W>
W>Scan WindowsNT machines on the local network, authenticate with a known admin password, and search
W>for specific files on the local hard drive, log success, failures and file information. In this
W>first pass I am looking for .jpg and .mpg type files (we have an internal porn issue) but later I
W>envision using this tool to search for other specific files or file types, evidence of trojan
W>files etc... 
W>
W>Ideally this tool would be able to handle either 1 IP address or a range of addresses and work in
W>an automated fashion. Optionally to be able to dictionary attack those machines that don't have
W>the default admin password would be helpful as well. 
W>
W>Anyone know of such a tool or developed a custom script for this type of "audit"?
W>
W>Thanks.
W>