Security Basics mailing list archives

RE: Network Scan

From: Flory D Jeffrey Contractor 59MDSS/MSISI <Jeffrey.Flory2 () LACKLAND AF MIL>
Date: Mon, 13 Jan 2003 13:01:31 -0600

These sites contain a lot of tools that can help you out.  Good luck.

http://www.atstake.com/research/redirect.html?research/lc3/download.html
http://arbon.elxsi.de/download.html
http://members.home.net/jefftranter/audit.html
http://opop.nols.com/proggie.html
ftp://ftp.pangeia.com.br/pub/seg/pac/
ftp://ftp.pangeia.com.br/pub/seg/pac/
http://www.slacknet.org/code.php
http://www.conclave.com/ntsafe/
http://zurk.sourceforge.net/zfile.html
http://www-arc.com/tara/index.html
http://www.net.tamu.edu/network/tools/tiger.html
http://www.fish.com/titan/
http://www.self-evident.com/exploits/vetes/
http://exscan.netpedia.net/exscan.html
http://david.weekly.org/code/
http://cyberpunk.n3.net/software.html
http://viper.dmrt.com/tools/Messala/
http://www.subterrain.net/projects/mns/
http://mixter.warrior2k.com/
http://www.foundstone.com/resources/ntomax.html
http://www.wwdsi.com/saint/
http://www-arc.com/sara/
http://www.securityfriday.com/ToolDownload/SPC/spc_doc.html
http://www.securityfriday.com/ToolDownload/SWB/swb_doc.html
http://www.self-evident.com/exploits/vetes/

-----Original Message-----
From: WhtWlf2001 [mailto:whtwlf2001 () yahoo com]
Sent: Sunday, January 12, 2003 3:43 PM
To: security-basics () securityfocus com
Subject: Network Scan


All,

I'm looking to find a tool or the best way to accomplish the following:

Scan WindowsNT machines on the local network, authenticate with a known
admin password, and search
for specific files on the local hard drive, log success, failures and file
information. In this
first pass I am looking for .jpg and .mpg type files (we have an internal
porn issue) but later I
envision using this tool to search for other specific files or file types,
evidence of trojan
files etc... 

Ideally this tool would be able to handle either 1 IP address or a range of
addresses and work in
an automated fashion. Optionally to be able to dictionary attack those
machines that don't have
the default admin password would be helpful as well. 

Anyone know of such a tool or developed a custom script for this type of
"audit"?

Thanks.

Current thread:

Re: Network Scan, (continued)
- Re: Network Scan shawnmer (Jan 15)
  - RE: Network Scan Jimmy Sansi (Jan 16)
- Re: Network Scan Ivan Hernandez (Jan 15)
- Re: Network Scan ATD (Jan 20)
- RE: Network Scan John C. Dack (Jan 14)
  - RE: Network Scan Robert Buel (Jan 21)
- RE: Network Scan Nuno Ferreira (Jan 15)
  - Re: Network Scan Talisker (Jan 17)
- Re: Network Scan H C (Jan 19)
- RE: Network Scan H C (Jan 21)
- RE: Network Scan Flory D Jeffrey Contractor 59MDSS/MSISI (Jan 21)
- RE: Network Scan webbi (Jan 21)
- RE: Network Scan Andy Streule (Jan 23)