[unisog] Automated vulnerability tests upon host to network attachment

Douglas McLean usts046 at uabdpo.dpo.uab.edu
Sat May 17 01:57:56 GMT 2003


Gary, you may want to add:

4) Does the 95/98/ME/NT/W2K/XP have an open drive c: for writing

Unfortunately our script writes a file to the drive to confirm that 
it is open.    

On Thu, 15 May 2003 23:14:12 -0400 Gary Flynn said:
>marchany at vt.edu wrote:
>
>>So, in keeping with the "never present a problem w/o providing a solution"
>>strategy, the hard part of this project isn't the scanning pieces. It's
>>showing the user HOW to make the necessary changes. I don't see the benefit of
>>this service to a dept that has a reasonably skilled sysadmin. They already
>>know how to run a scanner and fix the problem. For those sysadmins who aren't
>>motivated to implement the changes, the scanner service doesn't buy anything.
>>
>>
>
>We most defintely are in agreement on most of your points. However, a
>great deal of good could be
>accomplished by a few simple checks for the most common problems. For
>example,
>
>1) Does the NT/2k/xp Administrator account have a strong password.
>2) Is port 80 open and is it susceptible to unicode traversal.
>3) Is port 21 open and is it susceptible to wu-ftpd overflow.
>
>In all three cases, the solutions are simple and/or can be packaged for
>any end user.
>
>If the scanner service prevents an unsafe system from becoming open to
>attack, being compromised, and threatening the rest of the infrastructure
>than it has bought quite a bit.
>




More information about the unisog mailing list