Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Default Account scanning

From: "Timmothy Lester" <Timmothy.Lester () primeadvisors com>
Date: Tue, 4 Mar 2008 05:50:47 -0800
Brutis?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of p1g
Sent: Thursday, February 28, 2008 9:40 PM
To: Pentest Mailinglist
Subject: Default Account scanning

A few years ago, an audit was performed on the netowrk i worked on.
A tool was use to crawl the network and attempt a login to systems
using the default user name and password.

I have perform this manually by enumerating systems (switches.routers,
appliances) and testing them against default password lists, but I was
wondering if there was a tool out there that handled this type of
automated scan.

I know that Nessus will handle some of this.

Any other tools that come to mind?


TIA

-- 
-p1g
SnortCP, C|HFI, TNCP, TECP, NACP, A+
  ,,__
o"     )~  oink oink
   ' ' ' '

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: