[unisog] Automated vulnerability tests upon host to network attachment
usts046 at uabdpo.dpo.uab.edu
Sat May 17 01:57:56 GMT 2003
Gary, you may want to add:
4) Does the 95/98/ME/NT/W2K/XP have an open drive c: for writing
Unfortunately our script writes a file to the drive to confirm that
it is open.
On Thu, 15 May 2003 23:14:12 -0400 Gary Flynn said:
>marchany at vt.edu wrote:
>>So, in keeping with the "never present a problem w/o providing a solution"
>>strategy, the hard part of this project isn't the scanning pieces. It's
>>showing the user HOW to make the necessary changes. I don't see the benefit of
>>this service to a dept that has a reasonably skilled sysadmin. They already
>>know how to run a scanner and fix the problem. For those sysadmins who aren't
>>motivated to implement the changes, the scanner service doesn't buy anything.
>We most defintely are in agreement on most of your points. However, a
>great deal of good could be
>accomplished by a few simple checks for the most common problems. For
>1) Does the NT/2k/xp Administrator account have a strong password.
>2) Is port 80 open and is it susceptible to unicode traversal.
>3) Is port 21 open and is it susceptible to wu-ftpd overflow.
>In all three cases, the solutions are simple and/or can be packaged for
>any end user.
>If the scanner service prevents an unsafe system from becoming open to
>attack, being compromised, and threatening the rest of the infrastructure
>than it has bought quite a bit.
More information about the unisog