I want to demonstrate that a particular (linux) system is vunerable so I
can try to get something done about it. According to netstat -a the
following TCP ports are listening for connections:
1700, 1025, echo, discard, daytime, chargen, ftp, telnet, gopher, shell,
login, exec, pop2, pop3, imap2, uucp, finger, socks, sunrpc, 661, 7201,
7200, www, 6000.
and when you combine that with the fact it's a 2.0.X linux system that
has never had any security patches or updates installed, and that all
these ports are available to the internet with a fixed IP, I'm pretty
sure that there's a security vulnerability or two in there somewhere.
Can anyone recommend a good security vulnerability scanner that can
generate a nice list of vulnerabilities that I can use to try and get
permission to do something about this? Either a program that installs
onto the system being tested or something that can do it remotly would
do.
- Doug
--
_____________________________________________________________
Network Operations Engineer - Big Pond Advance Satellite
Ericsson Australia - Level 5, 184 The Broadway, Sydney 2000
Ph: +61-416-085-390 Email: [EMAIL PROTECTED]
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
