Penetration Testing mailing list archives

Re: [PEN-TEST] Network Access Device Scanning

From: H Carvey <keydet89 () YAHOO COM>
Date: Sun, 10 Sep 2000 11:49:49 -0000

Mark,

I would think that you have a couple of options 
available to you:

1.  Using Perl, create a script using Net::Telnet 
that accesses the devices.  I believe that there 
is even a Cisco-specific Perl module that may work 
for you.  Assuming that this information is part 
of an internal vulnerability assessment, there 
should be no problem getting the necessary 
passwords from the network admins...and that 
information (ie, passwords strength, if the 
password varies between systems, etc) can also 
assist your assessment.

2.  Using Perl, create a script using 
Net::SNMP...and collect the necessary information 
from MIB-II.  If you need info from 
vendor-specific MIBs, that info can go into a db 
table of some sort.

Carv

Current thread:

Re: [PEN-TEST] Network Access Device Scanning H Carvey (Sep 10)
- Re: [PEN-TEST] Network Access Device Scanning Teicher, Mark (Sep 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Network Access Device Scanning H Carvey (Sep 11)
  - Re: [PEN-TEST] Network Access Device Scanning Teicher, Mark (Sep 11)