Re: One Big Review, One Small Script?

[Alla Bezroutchko <alla () scanit be>]

Scott Seglie wrote:
 
> Currently, if I perform a network vulnerability
> assessment, I run multiple tools (nmap, iss, nessus,
> ping sweeps...etc.)  While running tools, I simply
> gather basic information.  As many of you know, it is
> very time consuming.  Actual time typing in an IP
> address and a few commands is minimal, but waiting for
> the scans can take hours.

> If anyone has additional information or links I may
> research, please let me know.

I wrote a perl script for more or less that purpose - automating
information gathering for security assessments. It glues
together multiple tools and feeds information from one
tool to the next as appropriate. It saves time in a way that
you can start it and do something else while it is running. 

Currently it does:

         portscaning (using nmap) 
         NetBIOS name gathering (using nbtscan) 
         Windows users enumeration (via RPC using rpcclient from
Samba-TNG) 
         finger user enumeration (using safe_finger from SATAN) 
         telnet bruteforcing 
         ftp bruteforcing 
         ssh bruteforcing 
         RPC services enumeration (using rpcinfo) 
         NFS mounts enumeration (using showmount) 
         banner grabbing (plain and over SSL) 
         BIND version querying 
         BIND version mapping to vulnerabilities 
         SNMP bruteforcing 
         CGI scanning (using whisker)

It is written to be modular and so that additional tools can be easily
added.

Full description and download is at http://www.scanit.be/eInsect.htm

Alla.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/