|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Saturday, 11 September 1999||Author: Quentin Cregan|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Printable]|
Auditing for RPC vulnerabilities? Use BASS
BASS includes RPC support, and was designed with bulk in mind (It was developed for the Internet Auditing Project). It will only take a few minutes of trivial effort to update the scanner.
|Page 1 of 1|
To: BugTraq Subject: Auditing for RPC vulnerabilities? Use BASS Date: Thu Sep 09 1999 04:38:28 Author: Liraz Siri Message-ID: <19990909103828.A16712@metaverse.inter.net.il>
On Wed, Sep 01, 1999 at 09:44:26PM -0400, Fyodor wrote:
> Further, it can be painful to locate and 'rpcinfo' every > host on a large network.
BASS includes RPC support, and was designed with bulk in mind (It was developed for the Internet Auditing Project). It will only take a few minutes of trivial effort to update the scanner (I might just do it myself). Besides being a bit out of date, it's well suited for the task.
RPC support is based on portmapper however, so you won't fair well if the network is behind a firewall.
You can grab it at: http://www.securityfocus.com/data/tools/network/bass-1.0.7.tar.gz
BTW, Unless you're running a Linux libc5 (our original development system), you'll need to apply the bugfix patches posted on Bugtraq a few weeks ago (Yes, a new version *is* in order).
Fyodor's nmap, especially with RPC support is really an excellent tool. However, with nmap:
1) It may take a while to comprehensively scan a very large network.
2) It merely detects the presence of a service, and does not test for vulnerability (by attempting an overflow and evaluating the response, or the lack of one).
|Page 1 of 1|