Security Basics mailing list archives
RE: Network Scan
From: H C <keydet89 () yahoo com>
Date: Tue, 14 Jan 2003 08:52:17 -0800 (PST)
I've written Perl scripts that do exactly what you're looking for. I've used them quite extensively, as well. If you're interested, I could send them to you...I have them on one of my home computers.
Scan WindowsNT machines on the local network, authenticate with a known admin password,
If the script is run from a domain admin account, this last step isn't necessary.
and search for specific files on the local hard drive,
log
success, failures and file information.
Not sure what you mean by "success, failures". If it finds a file that meets the specifications, it should log it...otherwise, it's not logged. What file information are you looking for? There's a good deal you may be able to get, besides MAC times.
In this first pass I am looking for .jpg and .mpg type files
(we
have an internal porn issue) but later I envision
using
this tool to search for other specific files or file
types, evidence of trojan files etc...
No problem. I've done some work writing file signature analysis scripts, so this same thing can be employed, in addition to looking for extensions. Adding "evidence of trojan files" simply means looking for files of certain names in specific directories, and can be a bit cumbersome to maintain. Carv __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- RE: Network Scan, (continued)
- RE: Network Scan Jimmy Sansi (Jan 14)
- Re: Network Scan shawnmer (Jan 15)
- RE: Network Scan Jimmy Sansi (Jan 16)
- Re: Network Scan Ivan Hernandez (Jan 15)
- Re: Network Scan ATD (Jan 20)
- RE: Network Scan John C. Dack (Jan 14)
- RE: Network Scan Robert Buel (Jan 21)
- RE: Network Scan Nuno Ferreira (Jan 15)
- Re: Network Scan Talisker (Jan 17)
- Re: Network Scan H C (Jan 19)
- RE: Network Scan H C (Jan 21)
- RE: Network Scan Flory D Jeffrey Contractor 59MDSS/MSISI (Jan 21)
- RE: Network Scan webbi (Jan 21)
- RE: Network Scan Andy Streule (Jan 23)