strobe-classb 1.8 review
Downloadstrobe-classb is a small and fast network scanner for Linux
|
|
strobe-classb is a small and fast network scanner for Linux. It works best on kernel 2.0.36. It was originally designed for scanning for open e-mail relays on your LAN. Version 1.8 works on Linux 2.0.35 and later and Linux 2.2.8 and later.
Also here is RH5.0-5.2-patchscript - a script to fix a problem in RedHat 5.0 to 5.2's relaying rulesets where certain envelope recipients could be used to trick the anti-relaying rulesets.
relay-check.pl is included as an example use of the program. It is how I use the program - to scan my University's class B network on a regular basis to detect spam relays, which I then use list-hosts.pl to list sorted by network so that I can notify the individual network admins.
I also use this program to detect other, more serious security problems locally. I will not be releasing any of the code I use for this (both because it isn't "production-quality" and because I find so much with these checks that I don't want others to use them). Consider relay-check.pl to be the example of how the code *should* be used, and develop what checks you wish to use locally. If you want a security scanner, http://www.nessus.org/ seems quite promising.
Each perl script has brief documentation at the start of it. If you do not understand this documentation then read the code. If you do not understand the code then you should not be running the program.
Requirements:
Kernel version 2.0.35 RELEASE VERSION or later (or 2.2.8/later), GCC 2.7.2.3 egcs/gcc 2.8.1 untested) and Intel byteorder. The current settings are for a
Pentium-class computer on 10Mbps ethernet and decent bandwidth WAN to all the
hosts it is scanning. Hosts are scanned in vague grouping by subnet instead
of the lower-bandwidth sorted by last IP segment since this stresses the
Linux kernel routing code less (and this code was a major problem originally).
What's New in This Release:
More changes to perl script for 2.2 kernels.
Does a pair of different relay checks instead of just one. Can find far more relays which aren't "obviously open" but are still open.
strobe-classb 1.8 search tags