PaulDotCom mailing list archives

Windows Ports Baseline Tool


From: Michael Wilson <pauldotcom () siteshadow com>
Date: Tue, 12 Mar 2013 15:14:34 -0500

Hello fellow pauldotcom junkies,

I know I've seen some NERC CIP types here before. I wanted to plug a new
tool I've been developing (in Python). I wrote it mainly for NERC CIP 007,
but I imagine it has plenty of other uses.

I call it BaselineShadow based off of a few *shadow.com domain names I've
been acquiring for a dozen years or so. The product is an exe that uses WMI
to do a netstat on a remote system, grab a list of running processes and
services, parse the results, and combine like ports. If the ports fall
within the ephemeral port range, they will be put into a group with that
name. More information along with the tool itself is at:
http://www.siteshadow.com/tools

I figured there was already a tool out there that does this so I started
searching Google a few months back and asking around. Since my search was
fruitless, I figured this was a great excuse to get back into coding and
finally learn Python. I've been getting good feedback for the tool so far.
Look forward to other versions in the future, including ones that will use
SSH to do the same sort of magic on Linux and Unix. I started with the most
difficult and prominent beast first, MS Windows.

Let me know what you think.

Thanks,
Michael
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
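
The parsing and grouping step described in the post, as an added example that is not BaselineShadow's code and not part of the original message: it reads text in the `netstat -ano` layout (the tool itself collects this over WMI), combines listeners on the same port, and folds ports in the ephemeral range into one named group. The sample rows, the PID map, the function names, the 49152-65535 range and the comparison against an approved baseline are assumptions added here.

```python
import re
from collections import defaultdict

# Assumption: Windows Vista/2008+ default dynamic range; XP/2003 used 1025-5000.
EPHEMERAL = range(49152, 65536)

# Constructed sample in the layout of `netstat -ano` on Windows (not real output).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING       452
  TCP    0.0.0.0:49155          0.0.0.0:0              LISTENING       508
  TCP    10.0.0.5:139           0.0.0.0:0              LISTENING       4
  TCP    10.0.0.5:50211         10.0.0.9:443           ESTABLISHED     2040
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:123            *:*                                    884
  UDP    0.0.0.0:54321          *:*                                    1100
"""
# Constructed PID -> process name map, standing in for the remote process list.
SAMPLE_PROCS = {4: "System", 452: "wininit.exe", 508: "lsass.exe",
                716: "svchost.exe", 884: "svchost.exe", 1100: "dns.exe"}

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:(\w+)\s+)?(\d+)\s*$")

def build_baseline(netstat_text, procs, ephemeral=EPHEMERAL):
    """Return {(proto, port or 'ephemeral'): sorted owning process names}."""
    baseline = defaultdict(set)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header line or a row in an unexpected layout
        proto, _addr, port, state, pid = m.groups()
        # Only listeners belong in a ports baseline; UDP rows carry no state.
        if proto == "TCP" and state != "LISTENING":
            continue
        key = "ephemeral" if int(port) in ephemeral else int(port)
        baseline[(proto, key)].add(procs.get(int(pid), f"pid {pid}"))
    return {k: sorted(v) for k, v in baseline.items()}

def diff_baseline(approved, current):
    """Listener/process pairs seen now that the approved baseline lacks."""
    new = {k: sorted(set(v) - set(approved.get(k, []))) for k, v in current.items()}
    return {k: v for k, v in new.items() if v}

if __name__ == "__main__":
    found = build_baseline(SAMPLE_NETSTAT, SAMPLE_PROCS)
    for (proto, port), names in sorted(found.items(), key=str):
        print(proto, port, ", ".join(names))
```

Grouping the ephemeral range keeps a baseline stable across reboots, since RPC-style listeners land on a different high port each time; the owning process name is what remains comparable.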
