If your macs are running MacOS X, which is pretty much BSD-based, you can at least try to scan it as a BSD box and then based on the results try some bsd exploits for 68k processor or whatever... at least it gives some clues... it seems that default install is very unprotected, somewhat like default redhat install - it even has portmapper running there - I attached here results of "netstat -a" and "ps -aux" of a PowerBook (not mine, I don't know much about Mac, I asked a friend to run those commands on his machine). I guess soon we'll have lots of bsd exploits ported to mac with a mac-specific shellcodes :))) Btw, I heard about Macs being heavily used by US government - is that true? :))) regards, Vitaly Osipov Security Consultant Wolfe Group Phone: +353 1 6238311 Fax: +353 1 6238312 Mobile: +353 87 9370088 http://www.wolfegroup.com ----- Original Message ----- From: "Kimberly Novobilsky" <kmnovoat_private> To: <PEN-TESTat_private> Sent: Monday, April 23, 2001 9:01 PM Subject: [PEN-TEST] MAC Vulnerability Scanner > Does anyone know of a good freeware or commercial product that will scan > Mac's for vulnerabilities? > -- > /-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/ > Kimberly M. Novobilsky Voice 216.433.2524 > Network Security Analyst Fax 216.433.8000 > Verizon, Federal Network Systems Pager 216.549.3834 > NASA Glenn Research Center > 21000 Brookpark Rd. MS 142-1 > Cleveland, OH 44135
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 08:06:46 PDT